CVE-2023-22610

A CWE-863: Incorrect Authorization vulnerability exists that could cause Denial of Service against the Geo SCADA server when specific messages are sent to the server over the database server TCP port.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:-:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7268.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7322.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7429.2:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7457.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7488.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7522.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7545.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7578.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7613.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7641.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7690.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7714.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7742.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7777.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7808.2:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7840.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7875.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7896.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7936.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7980.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8015.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8108.2:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8122.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8155.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8172.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8197.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8220.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8267.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:-:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7551.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7578.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7613.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7641.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7692.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7717.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7742.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7787.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7809.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7840.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7875.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7913.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7936.2:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7980.2:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8017.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8108.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8122.2:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8155.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8181.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8197.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8221.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8267.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:-:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8027.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8108.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8120.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8158.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8182.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8197.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8218.1:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8269.1:*:*:*:*:*:*:*

History

14 Jun 2023, 08:15

Type Values Removed Values Added
Summary A CWE-285: Improper Authorization vulnerability exists that could cause Denial of Service against the Geo SCADA server when specific messages are sent to the server over the database server TCP port. Affected Products: EcoStruxure Geo SCADA Expert 2019 - 2021 (formerly known as ClearSCADA) (Versions prior to October 2022) A CWE-863: Incorrect Authorization vulnerability exists that could cause Denial of Service against the Geo SCADA server when specific messages are sent to the server over the database server TCP port.
CWE NVD-CWE-Other CWE-863

Information

Published : 2023-01-31 17:15

Updated : 2024-02-28 19:51


NVD link : CVE-2023-22610

Mitre link : CVE-2023-22610

CVE.ORG link : CVE-2023-22610


JSON object : View

Products Affected

schneider-electric

  • ecostruxure_geo_scada_expert_2019
  • ecostruxure_geo_scada_expert_2020
  • ecostruxure_geo_scada_expert_2021
CWE
CWE-863

Incorrect Authorization

NVD-CWE-Other