Vulnerabilities (CVE)

Filtered by vendor Selinc Subscribe

Filtered by product Sel-451

Total 5 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-34388	1 Selinc	2 Sel-451, Sel-451 Firmware	2024-02-28	N/A	9.8 CRITICAL
An Improper Authentication vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote unauthenticated attacker to potentially perform session hijacking attack and bypass authentication. See product Instruction Manual Appendix A dated 20230830 for more details.
CVE-2023-34390	1 Selinc	2 Sel-451, Sel-451 Firmware	2024-02-28	N/A	6.5 MEDIUM
An input validation vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote authenticated attacker to create a denial of service against the system and locking out services. See product Instruction Manual Appendix A dated 20230830 for more details.
CVE-2023-34389	1 Selinc	2 Sel-451, Sel-451 Firmware	2024-02-28	N/A	6.5 MEDIUM
An allocation of resources without limits or throttling vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote authenticated attacker to make the system unavailable for an indefinite amount of time. See product Instruction Manual Appendix A dated 20230830 for more details.
CVE-2023-31177	1 Selinc	2 Sel-451, Sel-451 Firmware	2024-02-28	N/A	6.1 MEDIUM
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in the Schweitzer Engineering Laboratories SEL-451 could allow an attacker to craft a link that could execute arbitrary code on a victim's system. See product Instruction Manual Appendix A dated 20230830 for more details.
CVE-2023-31176	1 Selinc	2 Sel-451, Sel-451 Firmware	2024-02-28	N/A	9.8 CRITICAL
An Insufficient Entropy vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow an unauthenticated remote attacker to brute-force session tokens and bypass authentication. See product Instruction Manual Appendix A dated 20230830 for more details.