A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow a user the ability to perform actions via the web interface at a higher privilege level.
References
Link | Resource |
---|---|
https://www.se.com/ww/en/download/document/SEVD-2020-287-04/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2020-12-01 15:15
Updated : 2024-02-28 18:08
NVD link : CVE-2020-7547
Mitre link : CVE-2020-7547
CVE.ORG link : CVE-2020-7547
JSON object : View
Products Affected
schneider-electric
- powerscada_expert_with_advanced_reporting_and_dashboards
- ecostruxure_power_monitoring_expert
- powerscada_operation_with_advanced_reporting_and_dashboards
- ecostruxure_energy_expert
- power_manager
CWE