How severe is CVE-2020-28216?

CVE-2020-28216 has a CVSS v3 score of 7.5 (HIGH).

CVE-2020-28216

Name: easergy_t300
Author: schneider-electric

7.5HIGH

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol.

Publicado: 12/11/2020Actualizado: 11/21/2024

Descripción

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol.

Análisis IAImpulsado por IA

Productos Afectados

schneider-electriceasergy_t300_firmware

schneider-electriceasergy_t300

Referencias

https://us-cert.cisa.gov/ics/advisories/icsa-20-343-03
Third Party Advisory
https://www.se.com/ww/en/download/document/SEVD-2020-315-06/
Vendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-20-343-03
Third Party Advisory
https://www.se.com/ww/en/download/document/SEVD-2020-315-06/
Vendor Advisory