How severe is CVE-2020-28217?

CVE-2020-28217 has a CVSS v3 score of 7.5 (HIGH).

CVE-2020-28217

Name: easergy_t300
Author: schneider-electric

7.5HIGH

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol.

Publicado: 12/11/2020Actualizado: 11/21/2024

Descripción

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol.

Análisis IAImpulsado por IA

Productos Afectados

schneider-electriceasergy_t300_firmware

schneider-electriceasergy_t300

Referencias

https://us-cert.cisa.gov/ics/advisories/icsa-20-343-03
Third Party AdvisoryUS Government Resource
https://www.se.com/ww/en/download/document/SEVD-2020-315-06/
Vendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-20-343-03
Third Party AdvisoryUS Government Resource
https://www.se.com/ww/en/download/document/SEVD-2020-315-06/
Vendor Advisory