Schneider Electric PowerSCADA Anywhere 1.0 SSL certificate validation

entryeditHistoryDiffjsonxmlCTI

A vulnerability has been found in Schneider Electric PowerSCADA Anywhere 1.0 (SCADA Software) and classified as critical. This vulnerability affects an unknown code block of the component SSL. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1082002301/14/2021VulD...cvss2_nvd_basescore4.0nist.gov01/14/2021accepted90
1082002201/14/2021VulD...price_0day$0-$5ksee documentation01/14/2021accepted90
1082002101/14/2021VulD...person_nameSchneider Electricsecurityfocus.com01/14/2021accepted70
713994611/19/2019VulD...confirm_urlhttp://www.schneider-electric.com/en/download/document/SEVD-2017-173-01/schneider-electric.com11/19/2019accepted100
713990511/19/2019VulD...discoverydate150050880011/19/2019accepted100
713996509/26/2017VulD...cvss3_nvd_basescore6.5nist.gov09/26/2017accepted90
713996409/26/2017VulD...0day_days6709/26/2017accepted90
713996309/26/2017VulD...cvss3_vuldb_rcX09/26/2017accepted90
713996209/26/2017VulD...cvss3_vuldb_rlX09/26/2017accepted90
713996109/26/2017VulD...cvss3_vuldb_eX09/26/2017accepted90
713996009/26/2017VulD...cvss2_vuldb_rcND09/26/2017accepted90
713995909/26/2017VulD...cvss2_vuldb_rlND09/26/2017accepted90
713995809/26/2017VulD...cvss2_vuldb_eND09/26/2017accepted90
713995709/26/2017VulD...locationWebsite09/26/2017accepted90
713995609/26/2017VulD...seealso107138 107139 107141 11318109/26/2017accepted100
713995509/26/2017VulD...securityfocus_titleSchneider Electric PowerSCADA Anywhere and Citect Anywhere Multiple Security Vulnerabilitiessecurityfocus.com09/26/2017accepted100
713995409/26/2017VulD...securityfocus_classUnknownsecurityfocus.com09/26/2017accepted100
713995309/26/2017VulD...securityfocus_date1500508800 (07/20/2017)securityfocus.com09/26/2017accepted100
713995209/26/2017VulD...securityfocus99913securityfocus.com09/26/2017accepted100
713995109/26/2017VulD...cve_nvd_summaryA vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 that allows the use of outdated cipher suites and improper verification of peer SSL Certificate.mitre.org09/26/2017accepted100

Might our Artificial Intelligence support you?

Check our Alexa App!