CVE-2018-7797

🗓️ 17 Dec 2018 22:00:00Reported by schneiderType

URL redirection vulnerability in Power Monitoring Expert, Energy Expert v8.2, 9.0 - EcoStruxure PME, PSO. Phishing risk

Reporter	Title	Published	Views	Family All 6
Cvelist	CVE-2018-7797	17 Dec 201822:00	–	cvelist
EUVD	EUVD-2018-19509	7 Oct 202500:30	–	euvd
ICS	Schneider Electric EcoStruxure	20 Dec 201800:00	–	ics
NVD	CVE-2018-7797	17 Dec 201822:29	–	nvd
OSV	CVE-2018-7797	17 Dec 201822:29	–	osv
Prion	Design/Logic Flaw	17 Dec 201822:29	–	prion

NVD

Node

schneider-electric ecostruxure_energy_expertMatch1.3

schneider-electric ecostruxure_energy_expertMatch2.0

schneider-electric ecostruxure_power_monitoring_expertMatch8.2

schneider-electric ecostruxure_power_monitoring_expertMatch9.0

schneider-electric ecostruxure_power_scada_operationMatch8.2

schneider-electric ecostruxure_power_scada_operationMatch9.0

[
  {
    "product": "Power Monitoring Expert, Energy Expert (formerly Power Manager) - EcoStruxure&#xaa; Power Monitoring Expert (PME) v8.2 (all editions), EcoStruxure&#xaa; Energy Expert 1.3 (formerly Power Manager), EcoStruxure&#xaa; Power SCADA Operation (PSO) 8.2 Advanced Reports and Dashboards Module, EcoStruxure&#xaa; Power Monitoring Expert (PME) v9.0, EcoStruxure&#xaa; Energy Expert v2.0, and EcoStruxure&#xaa;Power SCADA Operation (PSO) 9.0 Advanced Reports and Dashboards Module",
    "vendor": "Schneider Electric SE",
    "versions": [
      {
        "status": "affected",
        "version": "EcoStruxure&#xaa"
      },
      {
        "status": "affected",
        "version": "Power Monitoring Expert (PME) v8.2 (all editions), EcoStruxure&#xaa"
      },
      {
        "status": "affected",
        "version": "Energy Expert 1.3 (formerly Power Manager), EcoStruxure&#xaa"
      },
      {
        "status": "affected",
        "version": "Power SCADA Operation (PSO) 8.2 Advanced Reports and Dashboards Module, EcoStruxure&#xaa"
      },
      {
        "status": "affected",
        "version": "Power Monitoring Expert (PME) v9.0, EcoStruxure&#xaa"
      },
      {
        "status": "affected",
        "version": "Energy Expert v2.0, and EcoStruxure&#xaa"
      },
      {
        "status": "affected",
        "version": "Power SCADA Operation (PSO) 9.0 Advanced Reports and Dashboards Module"
      }
    ]
  }
]

Source	Link
securityfocus	www.securityfocus.com/bid/106277
schneider-electric	www.schneider-electric.com/en/download/document/SEVD-2018-347-01/

21 Nov 2024 04:12Current

6.1Medium risk

Vulners AI Score6.1

CVSS 25.8

CVSS 36.1

EPSS0.00173

CWE-601