Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
schneider-electric ecostruxure power monitoring expert vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-5986
A CWE-601 URL Redirection to Untrusted Site vulnerability exists that could cause an openredirect vulnerability leading to a cross site scripting attack. By providing a URL-encoded input attackers can cause the software’s web application to redirect to the chosen domain af...
Schneider-electric Ecostruxure Power Monitoring Expert 2020
Schneider-electric Ecostruxure Power Monitoring Expert 2021
6.1
CVSSv3
CVE-2023-5987
A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability that could cause a vulnerability leading to a cross site scripting condition where attackers can have a victim’s browser run arbitrary JavaScript when they visit a pag...
Schneider-electric Ecostruxure Power Monitoring Expert 2020
Schneider-electric Ecostruxure Power Monitoring Expert 2021
9.8
CVSSv3
CVE-2023-5391
A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an malicious user to execute arbitrary code on the targeted system by sending a specifically crafted packet to the application.
Schneider-electric Ecostruxure Power Scada Operation With Advanced Reports
Schneider-electric Ecostruxure Power Operation With Advanced Reports
Schneider-electric Ecostruxure Power Monitoring Expert
8.8
CVSSv3
CVE-2023-28003
A CWE-613: Insufficient Session Expiration vulnerability exists that could allow an malicious user to maintain unauthorized access over a hijacked session in PME after the legitimate user has signed out of their account.
Schneider-electric Ecostruxure Power Monitoring Expert
6.5
CVSSv3
CVE-2022-22726
A CWE-20: Improper Input Validation vulnerability exists that could allow arbitrary files on the server to be read by authenticated users through a limited operating system service account. Affected Product: EcoStruxure Power Monitoring Expert (Versions 2020 and prior)
Schneider-electric Ecostruxure Power Monitoring Expert
8.8
CVSSv3
CVE-2022-22727
A CWE-20: Improper Input Validation vulnerability exists that could allow an unauthenticated malicious user to view data, change settings, impact availability of the software, or potentially impact a user?s local machine when the user clicks a specially crafted link. Affected Pro...
Schneider-electric Ecostruxure Power Monitoring Expert
5.4
CVSSv3
CVE-2022-22804
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could allow an authenticated malicious user to view data, change settings, or impact availability of the software when the user visits a page contain...
Schneider-electric Ecostruxure Power Monitoring Expert
8.8
CVSSv3
CVE-2021-22827
A CWE-20: Improper Input Validation vulnerability exists that could cause arbitrary code execution when the user visits a page containing the injected payload. This CVE is unique from CVE-2021-22826. Affected Product: EcoStruxure? Power Monitoring Expert 9.0 and prior versions
Schneider-electric Ecostruxure Power Monitoring Expert
8.8
CVSSv3
CVE-2021-22826
A CWE-20: Improper Input Validation vulnerability exists that could cause arbitrary code execution when the user visits a page containing the injected payload. This CVE is unique from CVE-2021-22827. Affected Product: EcoStruxure? Power Monitoring Expert 9.0 and prior versions
Schneider-electric Ecostruxure Power Monitoring Expert
8.8
CVSSv3
CVE-2020-7547
A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow a user the ability to perform actions via the web interface at a higher pr...
Schneider-electric Ecostruxure Energy Expert 2.0
Schneider-electric Ecostruxure Power Monitoring Expert 9.0
Schneider-electric Power Manager 1.1
Schneider-electric Power Manager 1.2
Schneider-electric Power Manager 1.3
Schneider-electric Ecostruxure Power Monitoring Expert 8.0
Schneider-electric Ecostruxure Power Monitoring Expert 7.0
Schneider-electric Powerscada Operation With Advanced Reporting And Dashboards 9.0
Schneider-electric Powerscada Expert With Advanced Reporting And Dashboards 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »