Critical Infrastructure Sectors: Energy
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could allow an malicious user to access the system with elevated privileges when a privileged account clicks on a malicious URL that compromises the security token. Affected Products: AP7xxxx and AP8xxx with NMC2 (V6.9.6 or earlier), AP7xxx and AP8xxx with NMC3 (V1.1.0.3 or earlier), and APDU9xxx with NMC3 (V1.0.0.28 or earlier)
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
schneider-electric rack_power_distribution_unit_with_network_management_card_2_firmware |
||
schneider-electric rack_power_distribution_unit_with_network_management_card_3_firmware |