152 matches found
Schneider Electric StruxureWare Data Center Expert 安全漏洞
Schneider Electric StruxureWare Data Center Expert is a monitoring software from the French company Schneider Electric Schneider Electric. It is suitable for a variety of organizations to monitor their company-wide power, cooling, security, and environment. An access control error vulnerability...
Schneider Electric Struxureware Building Operations Improper Access Control (CVE-2016-2278)
Schneider Electric Struxureware Building Operations Automation Server AS 1.7 and earlier and AS-P 1.7 and earlier allows remote authenticated administrators to execute arbitrary OS commands by defeating an msh aka Minimal Shell protection mechanism. This plugin only works with Tenable.ot. Please...
The vulnerability of the monitoring system for critical equipment, StruxureWare Data Center Expert, is related to deficiencies in the authentication process, allowing a perpetrator to execute arbitrary codes.
The vulnerability of the StruxureWare Data Center Expert monitoring system is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the monitoring system for critical equipment, StruxureWare Data Center Expert, related to errors during maintenance by one user on devices owned by another user, allows a violator to execute arbitrary code.
The vulnerability of the StruxureWare Data Center Expert monitoring system is related to errors that occur when one user maintains devices owned by another user. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the monitoring system for critical equipment, StruxureWare Data Center Expert, arises due to the lack of measures taken to protect the structure of the web page. This vulnerability allows attackers to carry out XSS attacks.
The vulnerability of the StruxureWare Data Center Expert monitoring system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...
The vulnerability of the monitoring system for critical equipment, StruxureWare Data Center Expert, arises due to the failure to take measures to neutralize special elements used in the operating system’s command set. This allows a perpetrator to increase their privileges.
The vulnerability of the StruxureWare Data Center Expert monitoring system exists because measures to neutralize special elements used in the operating system have not been taken. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the monitoring system for critical equipment, StruxureWare Data Center Expert, arises due to the failure to take measures to neutralize special elements used in the operating system’s command set. This allows a perpetrator to execute arbitrary commands.
The vulnerability of the StruxureWare Data Center Expert monitoring system exists because measures to neutralize special elements used in the operating system have not been taken. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands via the SSH protocol remotely...
PT-2023-3273 · Schneider Electric · Struxureware Data Center Expert
Name of the Vulnerable Software and Affected Versions: StruxureWare Data Center Expert versions prior to 7.9.2 Description: A code injection issue exists, allowing for remote code execution when using a parameter of the DCE network settings endpoint. This could enable a remote attacker to execute...
PT-2023-3272 · Schneider Electric · Struxureware Data Center Expert
Name of the Vulnerable Software and Affected Versions: StruxureWare Data Center Expert versions prior to 7.9.2 Description: The issue is related to improper control of code generation, allowing remote code execution via the hostname parameter when maliciously crafted hostname syntax is entered...
PT-2023-1607 · Schneider Electric · Struxureware Data Center Expert
Name of the Vulnerable Software and Affected Versions: StruxureWare Data Center Expert versions prior to 7.9.2 Description: The issue is related to insufficient authorization procedures in the system, allowing a remote attacker to potentially execute arbitrary code. Specifically, it involves a...
PT-2023-1391 · Schneider Electric · Struxureware Data Center Expert
Name of the Vulnerable Software and Affected Versions: StruxureWare Data Center Expert versions 7.9.2 and prior Description: A CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could allow a user that knows the credentials t...
PT-2023-1418 · Schneider Electric · Struxureware Data Center Expert
Name of the Vulnerable Software and Affected Versions: StruxureWare Data Center Expert versions prior to 7.9.2 Description: A vulnerability exists that could allow remote code execution on upload and install packages when a hacker is using a low privileged user account. The issue is related to...
PT-2023-3274 · Schneider Electric · Struxureware Data Center Expert
Name of the Vulnerable Software and Affected Versions: StruxureWare Data Center Expert versions prior to 7.9.2 Description: The issue is related to insufficient protection of the web page structure, allowing a remote attacker to conduct a cross-site scripting attack in the DCE file upload endpoin...
Schneider Electric StruxureWare Data Center Expert 安全漏洞
Schneider Electric StruxureWare Data Center Expert StruxureWare Data Center Management Expert is a monitoring software from the French company Schneider Electric Schneider Electric. Suitable for a variety of organizations to monitor their company-wide power, cooling, security, environment. A...
Schneider Electric StruxureWare Data Center Expert 安全漏洞
Schneider Electric StruxureWare Data Center Expert StruxureWare Data Center Management Expert is a monitoring software from the French company Schneider Electric Schneider Electric. Suitable for a variety of organizations to monitor their company-wide power, cooling, security, environment. A...
Schneider Electric StruxureWare Data Center Expert 代码问题漏洞
Schneider Electric StruxureWare Data Center Expert StruxureWare Data Center Management Expert is a monitoring software from the French company Schneider Electric Schneider Electric. Suitable for a variety of organizations to monitor their company-wide power, cooling, security, environment. A code...
Schneider Electric StruxureWare Data Center Expert 安全漏洞
Schneider Electric StruxureWare Data Center Expert StruxureWare Data Center Management Expert is a monitoring software from the French company Schneider Electric Schneider Electric. Suitable for a variety of organizations to monitor their company-wide power, cooling, security, environment. A...
CVE-2021-22795
A CWE-78 Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert V7.8.1 and prior...
CVE-2021-22795
A CWE-78 Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert V7.8.1 and prior...
CVE-2021-22794
A CWE-22 Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause remote code execution. Affected Product: StruxureWare Data Center Expert V7.8.1 and prior...