How severe is CVE-2023-25552?

CVE-2023-25552 has a CVSS v3 score of 8.1 (HIGH).

CVE-2023-25552

Name: struxureware_data_center_expert
Author: schneider-electric

8.1HIGH

A CWE-862: Missing Authorization vulnerability exists that could allow viewing of unauthorized content, changes or deleting of content, or performing unauthorized functions when tampering the Devic

Publicado: 4/18/2023Actualizado: 11/21/2024

Descripción

A CWE-862: Missing Authorization vulnerability exists that could allow viewing of unauthorized content, changes or deleting of content, or performing unauthorized functions when tampering the Device File Transfer settings on DCE endpoints. Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)

Análisis IAImpulsado por IA

Productos Afectados

schneider-electricstruxureware_data_center_expert

Referencias

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-045-02.pdf
Vendor Advisory
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-045-02.pdf
Vendor Advisory