How severe is CVE-2023-25552?

CVE-2023-25552 has a CVSS v3 score of 8.1 (HIGH).

CVE-2023-25552

Name: struxureware_data_center_expert
Author: schneider-electric

8.1HIGH

A CWE-862: Missing Authorization vulnerability exists that could allow viewing of unauthorized content, changes or deleting of content, or performing unauthorized functions when tampering the Devic

Publicado: 4/18/2023Atualizado: 11/21/2024

Descrição

A CWE-862: Missing Authorization vulnerability exists that could allow viewing of unauthorized content, changes or deleting of content, or performing unauthorized functions when tampering the Device File Transfer settings on DCE endpoints. Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)

Análise IADesenvolvido por IA

Produtos Afetados

schneider-electricstruxureware_data_center_expert

Referências

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-045-02.pdf
Vendor Advisory
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-045-02.pdf
Vendor Advisory