{"containers": {"cna": {"affected": [{"product": "Air Conditioning System/Centralized Controllers G-50A; GB-50A; GB-24A; AG-150A-A; AG-150A-J; GB-50ADA-A; GB-50ADA-J; EB-50GU-A; EB-50GU-J; AE-200A; AE-200E; AE-50A; AE-50E; EW-50A; EW-50E; TE-200A; TE-50A; TW-50A; CMS-RMD-J; Air Conditioning System/Expansion Controllers PAC-YG50ECA; Air Conditioning System/BM adapter BAC-HD150", "vendor": "n/a", "versions": [{"status": "affected", "version": "Ver.3.35 and prior"}, {"status": "affected", "version": "Ver.9.11 and prior"}, {"status": "affected", "version": "Ver.3.20 and prior"}, {"status": "affected", "version": "Ver 7.09 and prior"}, {"status": "affected", "version": "Ver 7.93 and prior"}, {"status": "affected", "version": "Ver.1.30 and prior"}, {"status": "affected", "version": "Ver.2.20 and prior"}, {"status": "affected", "version": "Ver.2.21 and prior"}]}], "descriptions": [{"lang": "en", "value": "Improper Restriction of XML External Entity Reference vulnerability in Mitsubishi Electric Air Conditioning System/Centralized Controllers (G-50A Ver.3.35 and prior, GB-50A Ver.3.35 and prior, GB-24A Ver.9.11 and prior, AG-150A-A Ver.3.20 and prior, AG-150A-J Ver.3.20 and prior, GB-50ADA-A Ver.3.20 and prior, GB-50ADA-J Ver.3.20 and prior, EB-50GU-A Ver 7.09 and prior, EB-50GU-J Ver 7.09 and prior, AE-200A Ver 7.93 and prior, AE-200E Ver 7.93 and prior, AE-50A Ver 7.93 and prior, AE-50E Ver 7.93 and prior, EW-50A Ver 7.93 and prior, EW-50E Ver 7.93 and prior, TE-200A Ver 7.93 and prior, TE-50A Ver 7.93 and prior, TW-50A Ver 7.93 and prior, CMS-RMD-J Ver.1.30 and prior), Air Conditioning System/Expansion Controllers (PAC-YG50ECA Ver.2.20 and prior) and Air Conditioning System/BM adapter(BAC-HD150 Ver.2.21 and prior) allows a remote unauthenticated attacker to disclose some of data in the air conditioning system or cause a DoS condition by sending specially crafted packets."}], "problemTypes": [{"descriptions": [{"description": "Improper Restriction of XML External Entity Reference", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-07-13T10:54:01", "orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad", "shortName": "Mitsubishi"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-005_en.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://jvn.jp/vu/JVNVU93086468/index.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "ID": "CVE-2021-20595", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Air Conditioning System/Centralized Controllers G-50A; GB-50A; GB-24A; AG-150A-A; AG-150A-J; GB-50ADA-A; GB-50ADA-J; EB-50GU-A; EB-50GU-J; AE-200A; AE-200E; AE-50A; AE-50E; EW-50A; EW-50E; TE-200A; TE-50A; TW-50A; CMS-RMD-J; Air Conditioning System/Expansion Controllers PAC-YG50ECA; Air Conditioning System/BM adapter BAC-HD150", "version": {"version_data": [{"version_value": "Ver.3.35 and prior"}, {"version_value": "Ver.3.35 and prior"}, {"version_value": "Ver.9.11 and prior"}, {"version_value": "Ver.3.20 and prior"}, {"version_value": "Ver.3.20 and prior"}, {"version_value": "Ver.3.20 and prior"}, {"version_value": "Ver.3.20 and prior"}, {"version_value": "Ver 7.09 and prior"}, {"version_value": "Ver 7.09 and prior"}, {"version_value": "Ver 7.93 and prior"}, {"version_value": "Ver 7.93 and prior"}, {"version_value": "Ver 7.93 and prior"}, {"version_value": "Ver 7.93 and prior"}, {"version_value": "Ver 7.93 and prior"}, {"version_value": "Ver 7.93 and prior"}, {"version_value": "Ver 7.93 and prior"}, {"version_value": "Ver 7.93 and prior"}, {"version_value": "Ver 7.93 and prior"}, {"version_value": "Ver.1.30 and prior"}, {"version_value": "Ver.2.20 and prior"}, {"version_value": "Ver.2.21 and prior"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Improper Restriction of XML External Entity Reference vulnerability in Mitsubishi Electric Air Conditioning System/Centralized Controllers (G-50A Ver.3.35 and prior, GB-50A Ver.3.35 and prior, GB-24A Ver.9.11 and prior, AG-150A-A Ver.3.20 and prior, AG-150A-J Ver.3.20 and prior, GB-50ADA-A Ver.3.20 and prior, GB-50ADA-J Ver.3.20 and prior, EB-50GU-A Ver 7.09 and prior, EB-50GU-J Ver 7.09 and prior, AE-200A Ver 7.93 and prior, AE-200E Ver 7.93 and prior, AE-50A Ver 7.93 and prior, AE-50E Ver 7.93 and prior, EW-50A Ver 7.93 and prior, EW-50E Ver 7.93 and prior, TE-200A Ver 7.93 and prior, TE-50A Ver 7.93 and prior, TW-50A Ver 7.93 and prior, CMS-RMD-J Ver.1.30 and prior), Air Conditioning System/Expansion Controllers (PAC-YG50ECA Ver.2.20 and prior) and Air Conditioning System/BM adapter(BAC-HD150 Ver.2.21 and prior) allows a remote unauthenticated attacker to disclose some of data in the air conditioning system or cause a DoS condition by sending specially crafted packets."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper Restriction of XML External Entity Reference"}]}]}, "references": {"reference_data": [{"name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-005_en.pdf", "refsource": "MISC", "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-005_en.pdf"}, {"name": "https://jvn.jp/vu/JVNVU93086468/index.html", "refsource": "MISC", "url": "https://jvn.jp/vu/JVNVU93086468/index.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T17:45:44.715Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-005_en.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://jvn.jp/vu/JVNVU93086468/index.html"}]}]}, "cveMetadata": {"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad", "assignerShortName": "Mitsubishi", "cveId": "CVE-2021-20595", "datePublished": "2021-07-13T10:54:01", "dateReserved": "2020-12-17T00:00:00", "dateUpdated": "2024-08-03T17:45:44.715Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:g-50a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "590E5BE8-3A41-4AAE-831E-8D01C2E4296F", "versionEndIncluding": "3.35", "versionStartIncluding": "2.50", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:g-50a:-:*:*:*:*:*:*:*", "matchCriteriaId": "DD839297-7BB1-4447-B781-86A501682648", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:gb-50a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C24DC7AC-ACF3-4B4F-8605-60ABBC91F723", "versionEndIncluding": "3.35", "versionStartIncluding": "2.50", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:gb-50a:-:*:*:*:*:*:*:*", "matchCriteriaId": "CF1DA319-3B4E-4255-8B09-D4CA82F4CEDD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:ag-150a-a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A59BEA50-00EF-4958-97D3-D13599FDB02E", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:ag-150a-a:-:*:*:*:*:*:*:*", "matchCriteriaId": "2E37278D-F466-4D02-A3D2-C784D579156B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:ag-150a-j_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "66F1FEF1-1896-4ABD-A69B-789AF83B5D17", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:ag-150a-j:-:*:*:*:*:*:*:*", "matchCriteriaId": "A95212E0-241E-4AD9-97A4-1F75DF382115", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:gb-50ada-a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2714AD39-85DB-4A82-91F4-AF1E1AD7732B", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:gb-50ada-a:-:*:*:*:*:*:*:*", "matchCriteriaId": "4F3A0876-AAC8-48B2-9081-F0989CBCF3C0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:gb-50ada-j_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2175EE52-FE97-490D-A52F-2775C84E2577", "versionEndIncluding": "3.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:gb-50ada-j:-:*:*:*:*:*:*:*", "matchCriteriaId": "006B9E46-F48B-483B-A909-35A7E5A5A76B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:eb-50gu-a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0750A08B-856A-456E-926F-1EBDB90A6608", "versionEndIncluding": "7.09", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:eb-50gu-a:-:*:*:*:*:*:*:*", "matchCriteriaId": "4BC98F5E-1FE9-4C5D-80B5-E90852A9BE0C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:eb-50gu-j_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "84227253-E377-41F7-B515-C890F28F271B", "versionEndIncluding": "7.09", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:eb-50gu-j:-:*:*:*:*:*:*:*", "matchCriteriaId": "4575CA5F-5B1F-46AF-BD08-7A6C37E7D2F9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:ae-200a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "70AC9C1D-4AE3-430F-98F0-6A4944725B58", "versionEndIncluding": "7.93", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:ae-200a:-:*:*:*:*:*:*:*", "matchCriteriaId": "208B2720-7090-41FB-99EF-20D4BBF07685", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:ae-200e_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "125ED867-F47D-4532-98F5-FDC99819D37C", "versionEndIncluding": "7.93", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:ae-200e:-:*:*:*:*:*:*:*", "matchCriteriaId": "222E1D60-FB10-477A-A21E-EAC902CCC1EF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:ae-50a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8AEC0B91-9928-404E-9991-6FE8560E4A94", "versionEndIncluding": "7.93", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:ae-50a:-:*:*:*:*:*:*:*", "matchCriteriaId": "3BC7EF0E-9DC4-4126-BA84-990FDE5EC5EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:ae-50e_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A13BC506-5437-4FB5-9FA6-666B9785D774", "versionEndIncluding": "7.93", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:ae-50e:-:*:*:*:*:*:*:*", "matchCriteriaId": "5E2F0B95-8905-4CBD-A50D-DD11C3B1639E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:ew-50a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7BA4C2EB-96FD-416E-BB0F-6390516904E5", "versionEndIncluding": "7.93", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:ew-50a:-:*:*:*:*:*:*:*", "matchCriteriaId": "1A55E519-0E2B-4809-9453-3D240949AF25", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:ew-50e_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA6DCE61-57D2-4011-AF5B-6A5A8D180491", "versionEndIncluding": "7.93", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:ew-50e:-:*:*:*:*:*:*:*", "matchCriteriaId": "36D3BD0B-F2C0-4DD7-9EC7-A0ADD2001833", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:te-200a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2454711C-B053-4071-996A-CF2F90FCC27D", "versionEndIncluding": "7.93", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:te-200a:-:*:*:*:*:*:*:*", "matchCriteriaId": "15CCCC0A-AFBE-4C9B-A92C-8E0C5CF2A055", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:te-50a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E5CD0C0A-7EFE-4435-A6DE-A0AEF6F1CA09", "versionEndIncluding": "7.93", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:te-50a:-:*:*:*:*:*:*:*", "matchCriteriaId": "C556A4B8-4351-43AD-9E85-D8736D3799E7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:tw-50a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9B2E089-A079-448D-A0AB-B92828747504", "versionEndIncluding": "7.93", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:tw-50a:-:*:*:*:*:*:*:*", "matchCriteriaId": "2625668C-2AB6-4610-A609-D2B299EA9B53", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:cms-rmd-j_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E55ABCF2-4170-40F6-8D75-C6EFA7EA4802", "versionEndIncluding": "1.30", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:cms-rmd-j:-:*:*:*:*:*:*:*", "matchCriteriaId": "7F93ABCC-1DD4-4202-831C-AD1E5D04FD31", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:pac-yg50eca_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89CEB979-0C82-41BB-9371-F860EE9C635E", "versionEndIncluding": "2.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:pac-yg50eca:-:*:*:*:*:*:*:*", "matchCriteriaId": "32415898-51D3-4925-8AD1-84D9A3276181", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Improper Restriction of XML External Entity Reference vulnerability in Mitsubishi Electric Air Conditioning System/Centralized Controllers (G-50A Ver.3.35 and prior, GB-50A Ver.3.35 and prior, GB-24A Ver.9.11 and prior, AG-150A-A Ver.3.20 and prior, AG-150A-J Ver.3.20 and prior, GB-50ADA-A Ver.3.20 and prior, GB-50ADA-J Ver.3.20 and prior, EB-50GU-A Ver 7.09 and prior, EB-50GU-J Ver 7.09 and prior, AE-200A Ver 7.93 and prior, AE-200E Ver 7.93 and prior, AE-50A Ver 7.93 and prior, AE-50E Ver 7.93 and prior, EW-50A Ver 7.93 and prior, EW-50E Ver 7.93 and prior, TE-200A Ver 7.93 and prior, TE-50A Ver 7.93 and prior, TW-50A Ver 7.93 and prior, CMS-RMD-J Ver.1.30 and prior), Air Conditioning System/Expansion Controllers (PAC-YG50ECA Ver.2.20 and prior) and Air Conditioning System/BM adapter(BAC-HD150 Ver.2.21 and prior) allows a remote unauthenticated attacker to disclose some of data in the air conditioning system or cause a DoS condition by sending specially crafted packets."}, {"lang": "es", "value": "Una vulnerabilidad de restricci\u00f3n inapropiada de referencia de tipo XML External Entity en Mitsubishi Electric Air Conditioning System/Centralized Controllers versiones: (G-50A Ver.3.35 y anteriores, GB-50A Ver.3.35 y anteriores, GB-24A Ver.9.11 y anteriores, AG-150A-A Ver.3.20 y anteriores, AG-150A-J Ver.3.20 y anteriores, GB-50ADA-A Ver.3.20 y anteriores, GB-50ADA-J Ver.3 .20 y anteriores, EB-50GU-A Ver 7.09 y anteriores, EB-50GU-J Ver 7.09 y anteriores, AE-200A Ver 7.93 y anteriores, AE-200E Ver 7.93 y anteriores, AE-50A Ver 7.93 y anteriores, AE-50E Ver 7.93 y anteriores, EW-50A Ver 7.93 y anteriores, EW-50E Ver 7.93 y anteriores, TE-200A Ver 7.93 y anteriores, TE-50A Ver 7.93 y anteriores, TW-50A Ver 7.93 y anteriores, CMS-RMD-J Ver.1 .30 y anteriores), Air Conditioning System/Expansion Controllers (PAC-YG50ECA Ver.2.20 y anteriores) y Sistema de Aire Acondicionado/Adaptador BM (BAC-HD150 Ver.2.21 y anteriores) permite a un atacante remoto no autenticado divulgar algunos de los datos del sistema de aire acondicionado o causar una condici\u00f3n de DoS mediante el env\u00edo de paquetes especialmente dise\u00f1ados"}], "id": "CVE-2021-20595", "lastModified": "2024-11-21T05:46:50.793", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 7.8, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-07-13T11:15:09.327", "references": [{"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/vu/JVNVU93086468/index.html"}, {"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "tags": ["Vendor Advisory"], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-005_en.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/vu/JVNVU93086468/index.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-005_en.pdf"}], "sourceIdentifier": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-611"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}