CVE-2025-46737

Origin Validation Error

CVSS 7.4 HIGHEPSS 0.1%CWE-346

SEL-5037 Grid Configurator contains an overly permissive Cross Origin Resource Sharing (CORS) configuration for a data gateway service in the application. This gateway service includes an API which is not properly configured to reject requests from unexpected sources.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

Produtos afetados

Schweitzer Engineering Laboratories · SEL-5037 Grid Configurator

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://selinc.com/products/software/latest-software-versions/