CVE-2021-45421: Infoleak
First published: Mon Feb 14 2022(Updated: )
** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. A potential attacker can use this misconfiguration to access all the files in the remote directories. Note: the product has not been supported since 2018 and should be removed or replaced.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Emerson Dixell Xweb-500 Firmware | ||
| Emerson Dixell XWEB-500 | ||
| All of | ||
| Emerson Dixell Xweb-500 Firmware | ||
| Emerson Dixell XWEB-500 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2021-45421.
What products are affected by this vulnerability?
Emerson Dixell XWEB-500 products are affected by this vulnerability.
How does this vulnerability occur?
This vulnerability occurs due to information disclosure via directory listing in Emerson Dixell XWEB-500 products.
What is the severity of CVE-2021-45421?
The severity of CVE-2021-45421 is high with a CVSS score of 7.5.
Is there a fix available for this vulnerability?
No, there is no fix available for this vulnerability as the affected product, Emerson Dixell XWEB-500, has not been supported since 2018 and should be removed.
- collector/nvd-index
- agent/author
- agent/type
- agent/severity
- agent/references
- agent/weakness
- agent/description
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/event
- agent/tags
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/source
- vendor/emerson
- canonical/emerson dixell xweb-500 firmware
- canonical/emerson dixell xweb-500