CVE-2021-22804

Summary

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause disclosure of arbitrary files being read in the context of the user running IGSS, due to missing validation of user supplied data in network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)

Affected Software

VendorProductVersion RangeStatus
n/aInteractive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)affected

Weaknesses

  • CWE-22: CWE-22: Improper Limitation of a Pathname to a Restricted Directory

ADP Enrichment

CVE Program Container

Additional References

References