Latest schneider-electric igss dashboard Vulnerabilities

A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that could cause an interpretation of malicious payload data, potentially leading to remote code execution wh...
Schneider-electric Igss Dashboard<16.0.0.23131
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow deletion of reports from the IGSS project report directory, this would le...
Schneider-electric Custom Reports<=16.0.0.23040
Schneider-electric Igss Dashboard<=16.0.0.23040
Schneider-electric Igss Data Server<=16.0.0.23040
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could allow the renaming of files in the IGSS project report directory, this could lead to denial...
Schneider-electric Custom Reports<=16.0.0.23040
Schneider-electric Igss Dashboard<=16.0.0.23040
Schneider-electric Igss Data Server<=16.0.0.23040
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause access to delete files in the IGSS project report directory, this could lead to loss ...
Schneider-electric Custom Reports<=16.0.0.23040
Schneider-electric Igss Dashboard<=16.0.0.23040
Schneider-electric Igss Data Server<=16.0.0.23040
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Custom Reports that could cause a remote code execution when a victim tries to open a malicious report. Af...
Schneider-electric Custom Reports<=16.0.0.23040
Schneider-electric Igss Dashboard<=16.0.0.23040
Schneider-electric Igss Data Server<=16.0.0.23040
A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that could cause an interpretation of malicious payload data, potentially leading to remote code execution whe...
Schneider-electric Custom Reports<=16.0.0.23040
Schneider-electric Igss Dashboard<=16.0.0.23040
Schneider-electric Igss Data Server<=16.0.0.23040
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause manipulation of dashboard files in the IGSS project report directory, when an attacke...
Schneider-electric Custom Reports<=16.0.0.23040
Schneider-electric Igss Dashboard<=16.0.0.23040
Schneider-electric Igss Data Server<=16.0.0.23040
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow the creation of a malicious report file in the IGSS project report direct...
Schneider-electric Custom Reports<=16.0.0.23040
Schneider-electric Igss Dashboard<=16.0.0.23040
Schneider-electric Igss Data Server<=16.0.0.23040

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203