What is the CVE ID of this vulnerability?

The CVE ID of this vulnerability is CVE-2023-31161.

What is the severity level of CVE-2023-31161?

The severity level of CVE-2023-31161 is high.

Where can I find more information about CVE-2023-31161?

You can find more information about CVE-2023-31161 at the SEL Service Bulletin dated 2022-11-15 and at the Nozomi Networks blog.

Vulnerability/
CVE-2023-31161

high

8.8

CWE

10/5/2023

24/1/2025

CVE-2023-31161: Improper Input Validation in Web Interface

Q: What is the affected software of CVE-2023-31161?

The affected software of CVE-2023-31161 is the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface.

Q: What potential effects can an attacker achieve with CVE-2023-31161?

An attacker can use internal resources, allowing a variety of potential effects with CVE-2023-31161.

First published: Wed May 10 2023(Updated: )

An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow an authenticated remote attacker to use internal resources, allowing a variety of potential effects. See SEL Service Bulletin dated 2022-11-15 for more details.

Credit: security@selinc.com

Affected Software	Affected Version	How to fix
Selinc Sel-3350 Firmware	>=r148-v0<r150-v2
Selinc Sel-3350 Firmware
Selinc Sel-3532	>=r143-v0<r150-v2
Selinc Sel-3532 Firmware
Selinc Sel-3555 Firmware	>=r143-v0<r150-v2
Selinc Sel-3555 Firmware
Selinc Sel-3560e Firmware	>=r144-v2<r150-v2
Selinc Sel-3560e Firmware
Selinc Sel-3560s	>=r144-v2<r150-v2
Selinc SEL-3560S

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the CVE ID of this vulnerability?
The CVE ID of this vulnerability is CVE-2023-31161.
What is the severity level of CVE-2023-31161?
The severity level of CVE-2023-31161 is high.
What is the affected software of CVE-2023-31161?
The affected software of CVE-2023-31161 is the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface.
What potential effects can an attacker achieve with CVE-2023-31161?
An attacker can use internal resources, allowing a variety of potential effects with CVE-2023-31161.
Where can I find more information about CVE-2023-31161?
You can find more information about CVE-2023-31161 at the SEL Service Bulletin dated 2022-11-15 and at the Nozomi Networks blog.

agent/references
agent/type
agent/title
agent/author
agent/severity
agent/weakness
agent/description
agent/event
agent/first-publish-date
agent/source
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/selinc
canonical/selinc sel-3350 firmware
version/selinc sel-3350 firmware/r148-v0
canonical/selinc sel-3532
version/selinc sel-3532/r143-v0
canonical/selinc sel-3532 firmware
canonical/selinc sel-3555 firmware
version/selinc sel-3555 firmware/r143-v0
canonical/selinc sel-3560e firmware
version/selinc sel-3560e firmware/r144-v2
canonical/selinc sel-3560s
version/selinc sel-3560s/r144-v2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.