How severe is CVE-2023-25552?

CVE-2023-25552 has a CVSS v3 score of 8.1 (HIGH).

CVE-2023-25552

Name: struxureware_data_center_expert
Author: schneider-electric

8.1HIGH

A CWE-862: Missing Authorization vulnerability exists that could allow viewing of unauthorized content, changes or deleting of content, or performing unauthorized functions when tampering the Devic

Опубликовано: 4/18/2023Обновлено: 11/21/2024

Описание

A CWE-862: Missing Authorization vulnerability exists that could allow viewing of unauthorized content, changes or deleting of content, or performing unauthorized functions when tampering the Device File Transfer settings on DCE endpoints. Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)

ИИ-АнализНа базе ИИ

Затронутые продукты

schneider-electricstruxureware_data_center_expert

Ссылки

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-045-02.pdf
Vendor Advisory
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-045-02.pdf
Vendor Advisory