← voltar
CVE-2023-0595

CVE-2023-0595

CVSS 5.3 MEDIUMEPSS 0.4%CWE-117
A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are sent to the Geo SCADA server's database web port (default 443). Affected products: EcoStruxure Geo SCADA Expert 2019, EcoStruxure Geo SCADA Expert 2020, EcoStruxure Geo SCADA Expert 2021(All Versions prior to October 2022), ClearSCADA (All Versions)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Produtos afetados
Schneider Electric · ClearSCADASchneider Electric · EcoStruxure Geo SCADA Expert 2019Schneider Electric · EcoStruxure Geo SCADA Expert 2020Schneider Electric · EcoStruxure Geo SCADA Expert 2021

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-045-01.pdf