Vulnerabilities (CVE)

Filtered by vendor Schneider-electric Subscribe

Filtered by product Power Manager

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-7547	1 Schneider-electric	5 Ecostruxure Energy Expert, Ecostruxure Power Monitoring Expert, Power Manager and 2 more	2020-12-04	6.5 MEDIUM	8.8 HIGH
A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow a user the ability to perform actions via the web interface at a higher privilege level.
CVE-2020-7545	1 Schneider-electric	5 Ecostruxure Energy Expert, Ecostruxure Power Monitoring Expert, Power Manager and 2 more	2020-12-04	6.5 MEDIUM	7.2 HIGH
A CWE-284:Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow for arbitrary code execution on the server when an authorized user access an affected webpage.