How severe is CVE-2023-25552?

CVE-2023-25552 has a CVSS v3 score of 8.1 (HIGH).

CVE-2023-25552

Name: struxureware_data_center_expert
Author: schneider-electric

8.1HIGH

A CWE-862: Missing Authorization vulnerability exists that could allow viewing of unauthorized content, changes or deleting of content, or performing unauthorized functions when tampering the Devic

公開日: 4/18/2023更新日: 11/21/2024

説明

A CWE-862: Missing Authorization vulnerability exists that could allow viewing of unauthorized content, changes or deleting of content, or performing unauthorized functions when tampering the Device File Transfer settings on DCE endpoints. Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)

AI分析AIによる分析

影響を受ける製品

schneider-electricstruxureware_data_center_expert

参照

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-045-02.pdf
Vendor Advisory
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-045-02.pdf
Vendor Advisory