How severe is CVE-2020-28216?

CVE-2020-28216 has a CVSS v3 score of 7.5 (HIGH).

CVE-2020-28216

Name: easergy_t300
Author: schneider-electric

7.5HIGH

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol.

Published: 12/11/2020Updated: 11/21/2024

Description

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol.

AI AnalysisPowered by AI

Affected Products

schneider-electriceasergy_t300_firmware

schneider-electriceasergy_t300

References

https://us-cert.cisa.gov/ics/advisories/icsa-20-343-03
Third Party Advisory
https://www.se.com/ww/en/download/document/SEVD-2020-315-06/
Vendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-20-343-03
Third Party Advisory
https://www.se.com/ww/en/download/document/SEVD-2020-315-06/
Vendor Advisory