What is the severity of CVE-2021-41543?

CVE-2021-41543 is classified as a medium severity vulnerability due to its potential for information disclosure.

How do I fix CVE-2021-41543?

To remediate CVE-2021-41543, upgrade to Climatix POL909 versions V11.44 or later for the AWB module or V11.36 or later for the AWM module.

What is the impact of CVE-2021-41543 on affected devices?

CVE-2021-41543 allows authenticated users to potentially disclose sensitive information from log files.

Which versions of Climatix POL909 are affected by CVE-2021-41543?

All versions of Climatix POL909 firmware earlier than V11.44 for the AWB module and earlier than V11.36 for the AWM module are affected by CVE-2021-41543.

Who is the vendor for the affected software in CVE-2021-41543?

The vendor for the affected software in CVE-2021-41543 is Siemens.

Vulnerability/
CVE-2021-41543

medium

6.5

CWE

532 284

8/3/2022

4/8/2024

CVE-2021-41543

First published: Tue Mar 08 2022(Updated: )

A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44), Climatix POL909 (AWM module) (All versions < V11.36). The handling of log files in the web application of affected devices contains an information disclosure vulnerability which could allow logged in users to access sensitive files.

Credit: productcert@siemens.com

Affected Software	Affected Version	How to fix
Siemens Climatix Pol909 Firmware	<11.36
Siemens Climatix Pol909 Firmware	<11.44
Siemens Climatix Pol909

Remedy

https://cert-portal.siemens.com/productcert/pdf/ssa-252466.pdf

Never miss a vulnerability like this again

Reference Links

https://cert-portal.siemens.com/productcert/pdf/ssa-252466.pdf

Frequently Asked Questions

What is the severity of CVE-2021-41543?
CVE-2021-41543 is classified as a medium severity vulnerability due to its potential for information disclosure.
How do I fix CVE-2021-41543?
To remediate CVE-2021-41543, upgrade to Climatix POL909 versions V11.44 or later for the AWB module or V11.36 or later for the AWM module.
What is the impact of CVE-2021-41543 on affected devices?
CVE-2021-41543 allows authenticated users to potentially disclose sensitive information from log files.
Which versions of Climatix POL909 are affected by CVE-2021-41543?
All versions of Climatix POL909 firmware earlier than V11.44 for the AWB module and earlier than V11.36 for the AWM module are affected by CVE-2021-41543.
Who is the vendor for the affected software in CVE-2021-41543?
The vendor for the affected software in CVE-2021-41543 is Siemens.

collector/nvd-index
agent/weakness
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/references
agent/last-modified-date
agent/remedy
agent/author
agent/description
agent/first-publish-date
agent/tags
agent/event
agent/source
vendor/siemens
canonical/siemens climatix pol909 firmware
canonical/siemens climatix pol909

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2021-41543?
CVE-2021-41543 is classified as a medium severity vulnerability due to its potential for information disclosure.
How do I fix CVE-2021-41543?
To remediate CVE-2021-41543, upgrade to Climatix POL909 versions V11.44 or later for the AWB module or V11.36 or later for the AWM module.
What is the impact of CVE-2021-41543 on affected devices?
CVE-2021-41543 allows authenticated users to potentially disclose sensitive information from log files.
Which versions of Climatix POL909 are affected by CVE-2021-41543?
All versions of Climatix POL909 firmware earlier than V11.44 for the AWB module and earlier than V11.36 for the AWM module are affected by CVE-2021-41543.
Who is the vendor for the affected software in CVE-2021-41543?
The vendor for the affected software in CVE-2021-41543 is Siemens.