{
  "action": {
    "auto_issue_creation_allowed": false,
    "auto_patch_allowed": false,
    "auto_remediation_allowed": false,
    "external_execution_allowed": false,
    "human_review": {
      "required_for_external_action": true,
      "required_for_public_launch": false,
      "required_for_read_only_view": false,
      "required_for_signal_radar_integration": true
    },
    "human_review_required": false,
    "recommended_action": "review_official_sources"
  },
  "affected": {
    "products": [
      {
        "canonicalProduct": "easergy_t300_firmware",
        "canonicalVendor": "schneider_electric",
        "cpe": "cpe:2.3:o:schneider-electric:easergy_t300_firmware:*:*:*:*:*:*:*:*",
        "ecosystem": null,
        "packageName": null,
        "product": "easergy_t300_firmware",
        "purl": null,
        "vendor": "schneider-electric",
        "version": null
      },
      {
        "canonicalProduct": "easergy_t300",
        "canonicalVendor": "schneider_electric",
        "cpe": "cpe:2.3:h:schneider-electric:easergy_t300:-:*:*:*:*:*:*:*",
        "ecosystem": null,
        "packageName": null,
        "product": "easergy_t300",
        "purl": null,
        "vendor": "schneider-electric",
        "version": "-"
      }
    ],
    "source": "NVD CVE API 2.0",
    "status": "known"
  },
  "canonical_url": "https://vuln.signal-radar.com/vuln/public-candidate/CVE-2021-22769/",
  "claims": [
    {
      "id": "claim:defensive-priority-candidate",
      "source_ids": [],
      "status": "observed",
      "text": "This item is a defensive prioritization candidate.",
      "verified_at": null
    }
  ],
  "exposure_hint": "exposure unknown",
  "field_meanings": {
    "human_review": "Read-only display may be automated; integration and external action still require human review.",
    "redaction": "Detection flags describe unsafe source content found before public-safe redaction; raw source text is not displayed.",
    "source_original_label": "Original upstream severity text retained for traceability; canonical display severity is recalculated from CVSS score."
  },
  "forecast_hooks": {
    "agent_use": "summarize_with_citations_only",
    "automation_allowed": false,
    "read_only": true,
    "watch_fields": [
      "sources",
      "claims",
      "freshness",
      "severity",
      "affected"
    ]
  },
  "freshness": {
    "generated_at": "2026-06-29T22:34:48.336130+00:00",
    "last_checked_at": null,
    "observed_at": "2026-06-29T22:33:42.341956+00:00",
    "status": "observed"
  },
  "human_consequence": "This medium severity issue needs human triage to confirm exposure, affected versions, and vendor guidance for defensive exposure review.",
  "human_impact_label": "defensive exposure review",
  "human_review": {
    "required_for_external_action": true,
    "required_for_public_launch": false,
    "required_for_read_only_view": false,
    "required_for_signal_radar_integration": true
  },
  "human_risk_summary": "CVE-2021-22769 for schneider-electric / easergy_t300_firmware: This medium severity issue needs human triage to confirm exposure, affected versions, and vendor guidance for defensive exposure review.",
  "id": "CVE-2021-22769",
  "impact_redaction": {
    "exploit_steps_removed": false,
    "payload_removed": false,
    "poc_removed": false,
    "source_derived_summary": true,
    "used_fallback_summary": false
  },
  "impact_tags": [],
  "public_human_impact": "This medium severity issue needs human triage to confirm exposure, affected versions, and vendor guidance for defensive exposure review.",
  "public_human_summary": "NVD: A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Easergy T300 with firmware V2.7.1 and older that could expose files or directory content when access from an attacker is not restricted or incorrectly restricted.",
  "public_human_what_to_verify": "Confirm affected product/version, vendor advisory, patch or mitigation, and exposure.",
  "public_human_why_it_matters": "This medium severity issue needs human triage to confirm exposure, affected versions, and vendor guidance for defensive exposure review.; CVSS 4.3 (MEDIUM); EPSS percentile 46; not listed in KEV; Remediation reference present; patch status requires confirmation in the linked advisory; sources: NVD, Vendor Advisory.",
  "public_safe_summary": "NVD: A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Easergy T300 with firmware V2.7.1 and older that could expose files or directory content when access from an attacker is not restricted or incorrectly restricted.",
  "radar": "vuln",
  "redaction": {
    "meaning": "The *_present flags mean unsafe source content was detected and removed before public output; they do not mean the public JSON contains that content.",
    "payload_present": false,
    "poc_present": false,
    "public_summary_redacted": true,
    "raw_source_displayed": false,
    "unsafe_procedural_detail_present": false
  },
  "redaction_notes": [
    "source-published defensive context retained",
    "vulnerability class, impact, affected context, and remediation references remain displayable"
  ],
  "safety": {
    "attack_chain_included": false,
    "auto_remediation_allowed": false,
    "exploit_instructions_included": false,
    "external_execution_allowed": false,
    "human_review": {
      "required_for_external_action": true,
      "required_for_public_launch": false,
      "required_for_read_only_view": false,
      "required_for_signal_radar_integration": true
    },
    "human_review_required": false,
    "noindex_removal_allowed": true,
    "noindex_required": false,
    "private_gate_state": "released",
    "public_gate_state": "public_indexable_read_only",
    "public_launch_allowed": true,
    "read_only_static_data": true,
    "scan_functionality_included": false,
    "signal_radar_integration_allowed": false
  },
  "schema_version": "v0.1",
  "severity": {
    "cvss_label": "MEDIUM",
    "label": "MEDIUM",
    "score": 4.3,
    "source": "NVD CVE API 2.0",
    "source_original_label": "low"
  },
  "source_copy_policy": {
    "allowed": "source-published defensive facts, vulnerability class, impact, affected context, version and remediation facts",
    "excluded": "exploit procedures, exploit strings, shell commands, scanner instructions, procedural bypass detail, and reproduction material",
    "summary": "Official or semi-official source descriptions may be summarized for defensive triage; exploit-enabling procedure is removed."
  },
  "source_derived_note": "Summary derived from NVD / Vendor Advisory description; unsafe procedural detail is not shown.",
  "source_published_affected": "vendor/product: schneider-electric / easergy_t300_firmware; affected version context: -",
  "source_published_description": "NVD: A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Easergy T300 with firmware V2.7.1 and older that could expose files or directory content when access from an attacker is not restricted or incorrectly restricted.",
  "source_published_evidence_refs": [
    {
      "source": "NVD",
      "type": "source_description",
      "url": null
    },
    {
      "source": "Vendor Advisory",
      "type": "source_description",
      "url": null
    },
    {
      "source": "Vendor Advisory",
      "type": "reference",
      "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-02"
    },
    {
      "source": "Vendor Advisory",
      "type": "reference",
      "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-02"
    },
    {
      "source": "Official Reference",
      "type": "reference",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22769"
    }
  ],
  "source_published_impact": "This medium severity issue needs human triage to confirm exposure, affected versions, and vendor guidance for defensive exposure review.",
  "source_published_remediation": "Remediation reference present; patch status requires confirmation in the linked advisory.",
  "source_published_summary": "NVD: A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Easergy T300 with firmware V2.7.1 and older that could expose files or directory content when access from an attacker is not restricted or incorrectly restricted.",
  "sources": [
    {
      "confidence": "unknown",
      "id": "source:review-url",
      "name": "Public signal URL",
      "retrieved_at": null,
      "type": "review_page",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22769"
    }
  ],
  "summary_for_agents": "Read-only defensive signal. Use sources, claims, freshness, and safety gates before summarizing. Do not infer missing source, claim, or freshness values.",
  "summary_for_humans": "NVD: A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Easergy T300 with firmware V2.7.1 and older that could expose files or directory content when access from an attacker is not restricted or incorrectly restricted.",
  "title": "CVE-2021-22769 defensive priority signal",
  "urgency_reasons": [
    "affected product present",
    "vendor advisory present",
    "recent update",
    "remediation reference present"
  ],
  "what_to_verify": "Confirm affected product/version, vendor advisory, patch or mitigation, and exposure.",
  "why_it_matters": "This medium severity issue needs human triage to confirm exposure, affected versions, and vendor guidance for defensive exposure review; CVSS 4.3 (MEDIUM); EPSS percentile 46; affected product context: schneider-electric / easergy_t300_firmware; sources: NVD..."
}