U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2021-22812

Change History

Initial Analysis by NIST 2/04/2022 11:22:31 AM

Action Type Old Value New Value
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Added CVSS V2

								
							
							
						
NIST (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Added CWE

								
							
							
						
NIST CWE-79
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:schneider-electric:network_management_card_2_firmware:*:*:*:*:*:*:*:* versions up to (including) 6.9.6
     OR
          cpe:2.3:h:schneider-electric:ap9922_battery_management_system:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:apc_rack_power_distribution_units:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:galaxy_g7x:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:galaxy_g9kchu:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:galaxy_gcxsa:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:galaxy_gfc:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:galaxy_gvmsa:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:galaxy_gvmts:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:galaxy_gvxts:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:galaxy_rpp_grppip2x84:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:gutor_gvx:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:gutor_sxw:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:netbotz_nbrk0250:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:network_management_card_2:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pd40e5ek20-m:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pd40f6fk1-m:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pd40g6fk1-m:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pd40h5ek20-m:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pd40l6fk1-m:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pd60f6fk1:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pd60g6fk1:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pd60l6fk1:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pdpb150g6f:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pdpm138h-5u:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pdpm138h-r:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pdpm144f:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pdpm150g6f:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pdpm150l6f:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pdpm175g6h:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pdpm277h:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pdpm288g6h:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pdpm72f-5u:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pdrppnx10:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pdrppnx10m:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pmm400-ala:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pmm400-alax:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pmm400-cub:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pmm500-ala:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pmm500-alax:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:pmm500-cub:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:rack_automatic_transfer_switches:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:symmetra_px_100:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:symmetra_px_160:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:symmetra_px_20:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:symmetra_px_250:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:symmetra_px_40:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:symmetra_px_48:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:symmetra_px_500:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:symmetra_px_96:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:schneider-electric:network_management_card_2_firmware:*:*:*:*:*:*:*:* versions up to (including) 6.9.8
     OR
          cpe:2.3:h:schneider-electric:galaxy_3500:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:network_management_card_2:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:single-phase_symmetra:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:smart-ups:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:schneider-electric:network_management_card_3_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.4.0
     OR
          cpe:2.3:h:schneider-electric:apc_rack_power_distribution_units:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:network_management_card_3:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:schneider-electric:network_management_card_3_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.4.2.1
     OR
          cpe:2.3:h:schneider-electric:galaxy_3500:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:network_management_card_3:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:single-phase_symmetra:-:*:*:*:*:*:*:*
          cpe:2.3:h:schneider-electric:smart-ups:-:*:*:*:*:*:*:*
Changed Reference Type
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-313-03 No Types Assigned
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-313-03 Mitigation, Vendor Advisory
Added CVSS V2 Metadata

								
							
							
						
Victim must voluntarily interact with attack mechanism