CVE-2021-22815

Name of the Vulnerable Software and Affected Versions APC Smart-UPS, Symmetra, and Galaxy 3500 with Network Management Card 2 (NMC2) versions 6.9.8 and earlier APC Symmetra PX 250/500 (SYPX) Network Management Card 2 (NMC2) versions 6.9.6 and earlier APC Symmetra PX 48/96/100/160 kW UPS (PX2), Symmetra PX 20/40 kW UPS (SY3P), Gutor (SXW, GVX), and Galaxy (GVMTS, GVMSA, GVXTS, GVXSA, G7K, GFC, G9KCHU) with Network Management Card 2 (NMC2) versions 6.9.6 and earlier APC Smart-UPS, Symmetra, and Galaxy 3500 with Network Management Card 3 (NMC3) versions 1.4.2.1 and earlier APC Rack Power Distribution Units (PDU) using NMC2 2G Metered/Switched Rack PDUs with embedded NMC2 versions 6.9.6 and earlier APC Rack Power Distribution Units (PDU) using NMC3 2G Metered/Switched Rack PDUs with embedded NMC3 versions 1.4.0 and earlier APC 3-Phase Power Distribution Products using NMC2 Galaxy RPP versions 6.9.6 and earlier Network Management Card 2 (NMC2) for InfraStruxure 150 kVA PDU with 84 Poles (X84P) versions 6.9.6 and earlier Network Management Card 2 for InfraStruxure 40/60kVA PDU (XPDU) versions 6.9.6 and earlier Network Management Card 2 for Modular 150/175kVA PDU (XRDP) versions 6.9.6 and earlier Network Management Card 2 for 400 and 500 kVA (PMM) versions 6.9.6 and earlier Network Management Card 2 for Modular PDU (XRDP2G) versions 6.9.6 and earlier Rack Automatic Transfer Switches (ATS) Embedded NMC2 versions 6.9.6 and earlier Network Management Card 2 (NMC2) Cooling Products versions 6.9.6 and earlier Environmental Monitoring Unit with embedded NMC2 (NB250) versions 6.9.6 and earlier Network Management Card 2 (NMC2): AP9922 Battery Management System (BM4) versions 6.9.6 and earlier

Description A CWE-200: Information Exposure vulnerability exists which could cause the troubleshooting archive to be accessed.

Recommendations For APC Smart-UPS, Symmetra, and Galaxy 3500 with Network Management Card 2 (NMC2) versions 6.9.8 and earlier, update to a version later than 6.9.8. For APC Symmetra PX 250/500 (SYPX) Network Management Card 2 (NMC2) versions 6.9.6 and earlier, update to a version later than 6.9.6. For APC Symmetra PX 48/96/100/160 kW UPS (PX2), Symmetra PX 20/40 kW UPS (SY3P), Gutor (SXW, GVX), and Galaxy (GVMTS, GVMSA, GVXTS, GVXSA, G7K, GFC, G9KCHU) with Network Management Card 2 (NMC2) versions 6.9.6 and earlier, update to a version later than 6.9.6. For APC Smart-UPS, Symmetra, and Galaxy 3500 with Network Management Card 3 (NMC3) versions 1.4.2.1 and earlier, update to a version later than 1.4.2.1. For APC Rack Power Distribution Units (PDU) using NMC2 2G Metered/Switched Rack PDUs with embedded NMC2 versions 6.9.6 and earlier, update to a version later than 6.9.6. For APC Rack Power Distribution Units (PDU) using NMC3 2G Metered/Switched Rack PDUs with embedded NMC3 versions 1.4.0 and earlier, update to a version later than 1.4.0. For APC 3-Phase Power Distribution Products using NMC2 Galaxy RPP versions 6.9.6 and earlier, update to a version later than 6.9.6. For Network Management Card 2 (NMC2) for InfraStruxure 150 kVA PDU with 84 Poles (X84P) versions 6.9.6 and earlier, update to a version later than 6.9.6. For Network Management Card 2 for InfraStruxure 40/60kVA PDU (XPDU) versions 6.9.6 and earlier, update to a version later than 6.9.6. For Network Management Card 2 for Modular 150/175kVA PDU (XRDP) versions 6.9.6 and earlier, update to a version later than 6.9.6. For Network Management Card 2 for 400 and 500 kVA (PMM) versions 6.9.6 and earlier, update to a version later than 6.9.6. For Network Management Card 2 for Modular PDU (XRDP2G) versions 6.9.6 and earlier, update to a version later than 6.9.6. For Rack Automatic Transfer Switches (ATS) Embedded NMC2 versions 6.9.6 and earlier, update to a version later than 6.9.6. For Network Management Card 2 (NMC2) Cooling Products versions 6.9.6 and earlier, update to a version later than 6.9.6. For Environmental Monitoring Unit with embedded NMC2 (NB250) versions 6.9.6 and earlier, update to a version later than 6.9.6. For Network Management Card 2 (NMC2): AP9922 Battery Management System (BM4) versions 6.9.6 and earlier, update to a version later than 6.9.6.