exploitDog

GHSA-3mf8-7qv9-pqph

Опубликовано: 31 янв. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. This CVE is unique from CVE-2022-32518. Affected Products: Data Center Expert (Versions prior to V7.9.0)

A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. This CVE is unique from CVE-2022-32518. Affected Products: Data Center Expert (Versions prior to V7.9.0)

Ссылки

EPSS

Процентиль: 55%

0.00326

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-522

Связанные уязвимости

CVE-2022-32520

CVSS3: 8

nvd

около 3 лет назад

A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. This CVE is unique from CVE-2022-32518. Affected Products: Data Center Expert (Versions prior to V7.9.0)

BDU:2022-04263

CVSS3: 8

fstec

больше 3 лет назад

Уязвимость программного средства мониторинга информации об оборудовании Schneider Electric Data Center Expert, связанная с недостаточной защитой регистрационных данных, позволяющая нарушителю получить полный контроль над программным средством

EPSS

Процентиль: 55%

0.00326

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-522