A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow a user the ability to perform actions via the web interface at a higher privilege level.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
schneider-electric ecostruxure energy expert 2.0 |
||
schneider-electric ecostruxure power monitoring expert 9.0 |
||
schneider-electric power manager 1.1 |
||
schneider-electric power manager 1.2 |
||
schneider-electric power manager 1.3 |
||
schneider-electric ecostruxure power monitoring expert 8.0 |
||
schneider-electric ecostruxure power monitoring expert 7.0 |
||
schneider-electric powerscada operation with advanced reporting and dashboards 9.0 |
||
schneider-electric powerscada expert with advanced reporting and dashboards 8.0 |