33 matches found
EUVD-2022-46417
Malicious code in bioql PyPI...
EUVD-2022-46415
Malicious code in bioql PyPI...
EUVD-2022-46416
Malicious code in bioql PyPI...
The vulnerability of microprogramming software in programming and hardware environments for monitoring and security protection of IT infrastructure arises from the implementation of physical threats. This vulnerability is related to incorrect restrictions on the visible layers or frames of the user interface. This allows attackers to compromise data integrity.
The vulnerability of the microprogramming software used in IT infrastructure monitoring and security monitoring hardware devices in NetBotz 4 is related to incorrect restrictions on the layers or frames that can be visualized in the user interface. Exploiting this vulnerability could allow a...
Schneider Electric NetBotz Cross-Site Scripting Vulnerability
Schneider Electric NetBotz is a proactive monitoring solution from Schneider Electric, France. It is designed to protect against physical, environmental or human threats that can cause disruption or downtime to IT infrastructure. Schneider Electric NetBotz suffers from a cross-site scripting...
CVE-2022-43378
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
CVE-2022-43378
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
Design/Logic Flaw
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
CVE-2022-43377
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover when a brute force attack is performed on the account. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
CVE-2022-43376
A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause code and session manipulation when malicious code is inserted into the browser. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
CVE-2022-43377
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover when a brute force attack is performed on the account. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
CVE-2022-43376
A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause code and session manipulation when malicious code is inserted into the browser. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
Authentication flaw
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover when a brute force attack is performed on the account. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
Cross site scripting
A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause code and session manipulation when malicious code is inserted into the browser. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
CVE-2022-43378
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
CVE-2022-43378
CVE-2022-43378 affects Schneider Electric NetBotz 4 (devices 355/450/455/550/570) up to version 4.7.0 and prior. The vulnerability is CWE-1021: improper restriction of rendered UI layers or frames, which could let an attacker trick a user into performing unintended actions when external address f...
CVE-2022-43378
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
CVE-2022-43377
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover when a brute force attack is performed on the account. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
CVE-2022-43377
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover when a brute force attack is performed on the account. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
CVE-2022-43377
CVE-2022-43377 affects Schneider Electric NetBotz 4 (versions ≤ 4.7.0). The root cause is CWE-307: improper restriction of excessive authentication attempts, enabling potential account takeover via brute force over the network. Affected: NetBotz 4 355/450/455/550/570 (V4.7.0 and prior). CVSSv3.1 ...