A CWE-284:Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow for arbitrary code execution on the server when an authorized user access an affected webpage.
References
Link | Resource |
---|---|
https://www.se.com/ww/en/download/document/SEVD-2020-287-04/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
03 Sep 2022, 03:46
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-Other |
Information
Published : 2020-12-01 15:15
Updated : 2024-02-04 21:23
NVD link : CVE-2020-7545
Mitre link : CVE-2020-7545
CVE.ORG link : CVE-2020-7545
JSON object : View
Products Affected
schneider-electric
- ecostruxure_energy_expert
- power_manager
- powerscada_expert_with_advanced_reporting_and_dashboards
- powerscada_operation_with_advanced_reporting_and_dashboards
- ecostruxure_power_monitoring_expert
CWE