CVE-2020-7547

2020-12-0114:44:52

CWE-284

schneider

www.cve.org

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.9%

JSON

A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow a user the ability to perform actions via the web interface at a higher privilege level.

CNA Affected

[
  {
    "product": "EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information)",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information)"
      }
    ]
  }
]

References

www.se.com/ww/en/download/document/SEVD-2020-287-04/