cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-42022,https://securityvulnerability.io/vulnerability/CVE-2021-42022,,"A vulnerability has been identified in SIMATIC eaSie PCS 7 Skill Package (All versions < V21.00 SP3). When downloading files, the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read unexpected critical files. The affected file download function is disabled by default.",Siemens,Simatic Easie Pcs 7 Skill Package,6.5,MEDIUM,0.0009299999801442027,false,,false,false,false,,false,false,2021-12-14T12:06:37.000Z,0