Schneider Electric Easergy P5 przed 01.401.101 SSH weak authentication

Odkryto lukę w Schneider Electric Easergy P5 (SCADA Software). Podatnością dotknięta jest nieznana funkcja w komponencie SSH. Aktualizacja do wersji 01.401.101 eliminuje tę podatność.

Pole2022-01-12 17:462022-01-15 09:14
cvss2_vuldb_tempscore5.95.9
cvss3_vuldb_basescore7.57.5
cvss3_vuldb_tempscore7.27.2
cvss3_meta_basescore7.57.5
cvss3_meta_tempscore7.27.2
price_0day$0-$5k$0-$5k
vendorSchneider ElectricSchneider Electric
nameEasergy P5Easergy P5
componentSSHSSH
cwe798 (słabe uwierzytelnianie)798 (słabe uwierzytelnianie)
risk22
cvss3_vuldb_avAA
cvss3_vuldb_acHH
cvss3_vuldb_prNN
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cHH
cvss3_vuldb_iHH
cvss3_vuldb_aHH
cvss3_vuldb_rlOO
cvss3_vuldb_rcCC
identifierSEVD-2022-011-03SEVD-2022-011-03
urlhttps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03
nameUpgradeUpgrade
upgrade_version01.401.10101.401.101
cveCVE-2022-22722CVE-2022-22722
date1641942000 (2022-01-12)1641942000 (2022-01-12)
typeSCADA SoftwareSCADA Software
cvss2_vuldb_avAA
cvss2_vuldb_acHH
cvss2_vuldb_auNN
cvss2_vuldb_ciCC
cvss2_vuldb_iiCC
cvss2_vuldb_aiCC
cvss2_vuldb_rcCC
cvss2_vuldb_rlOFOF
cvss2_vuldb_eNDND
cvss3_vuldb_eXX
cvss2_vuldb_basescore6.86.8
cve_assigned1641423600

Might our Artificial Intelligence support you?

Check our Alexa App!