CVE-2021-22804

CVE-2021-22804

Vendor N/A
Product Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)
Weakness CWE-22 · Path traversal
Published February 11, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause disclosure of arbitrary files being read in the context of the user running IGSS, due to missing validation of user supplied data in network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)

Key dates

02Disclosure timeline

February 11, 2022 CVE published
August 3, 2024 Record updated