158 matches found
CVE-2023-31153
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.See SEL...
CVE-2023-2310
A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL Real-Time Automation Controller RTAC could allow a remote attacker to perform a man-in-the-middle MiTM that could result in denial of service. See the ACSELERATOR RTAC SEL-5033 Software instruction...
CVE-2023-31149
An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to execute arbitrary code. See SEL Service Bulletin dated 2022-11-15 for more details...
Authentication flaw
An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface allows Authentication Bypass. See SEL Service Bulletin dated 2022-11-15 for more details...
Design/Logic Flaw
A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL Real-Time Automation Controller RTAC could allow a remote attacker to perform a man-in-the-middle MiTM that could result in denial of service. See the ACSELERATOR RTAC SEL-5033 Software instruction...
Input validation
An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow an authenticated remote attacker to use internal resources, allowing a variety of potential effects. See SEL Service Bulletin dated 2022-11-15 f...
Format string
A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC database system could allow an authenticated attacker to retrieve passwords. See SEL Service Bulletin dated 2022-11-15 for more details...
CVE-2023-31164
The CVE-2023-31164 entry concerns Schweitzer Engineering Laboratories RTAC Web Interface, where an improper neutralization of input during web page generation enables a cross-site scripting (XSS) flaw. The weakness could allow a remote authenticated attacker to inject and execute arbitrary script...
CVE-2023-31160 Improper Neutralization of Input During Web Page Generation
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...
CVE-2023-31157 Improper Neutralization of Input During Web Page Generation
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...
CVE-2023-31157
Summary: CVE-2023-31157 affects Schweitzer Engineering Laboratories RTAC Web Interface, with an issue described as improper neutralization of input during web page generation (XSS). The vulnerability could allow a remote authenticated attacker to inject and execute arbitrary script code via the w...
CVE-2023-31157 Improper Neutralization of Input During Web Page Generation
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...
CVE-2023-31156 Improper Neutralization of Input During Web Page Generation
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...
CVE-2023-31155 Improper Neutralization of Input During Web Page Generation
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...
CVE-2023-31154 Improper Neutralization of Input During Web Page Generation
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...
CVE-2023-31153 Improper Neutralization of Input During Web Page Generation
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.See SEL...
CVE-2023-31152 Authentication Bypass Using an Alternate Path or Channel
An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface allows Authentication Bypass. See SEL Service Bulletin dated 2022-11-15 for more details...
CVE-2023-31152 Authentication Bypass Using an Alternate Path or Channel
An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface allows Authentication Bypass. See SEL Service Bulletin dated 2022-11-15 for more details...
CVE-2023-31150 Storing Passwords in a Recoverable Format
A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC database system could allow an authenticated attacker to retrieve passwords. See SEL Service Bulletin dated 2022-11-15 for more details...
CVE-2023-31149 Improper Input Validation in Web Interface
An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to execute arbitrary code. See SEL Service Bulletin dated 2022-11-15 for more details...