Lucene search

K
Schneider-electricStruxureware Data Center Expert

5 matches found

CVE
CVE
added 2018/05/23 1:29 p.m.360 views

CVE-2018-1126

procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.

9.8CVSS7.7AI score0.00302EPSS
CVE
CVE
added 2022/04/13 4:15 p.m.59 views

CVE-2021-22794

A CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause remote code execution. Affected Product: StruxureWare Data Center Expert (V7.8.1 and prior)

9.8CVSS9.6AI score0.03731EPSS
CVE
CVE
added 2022/04/13 4:15 p.m.52 views

CVE-2021-22795

A CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert (V7.8.1 and prior)

9.8CVSS9.8AI score0.03191EPSS
CVE
CVE
added 2023/04/18 9:15 p.m.39 views

CVE-2023-25549

A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists thatallows for remote code execution when using a parameter of the DCE network settingsendpoint. Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)

9.8CVSS9.7AI score0.02755EPSS
CVE
CVE
added 2023/04/18 9:15 p.m.30 views

CVE-2023-25550

A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists thatallows remote code execution via the “hostname” parameter when maliciously crafted hostnamesyntax is entered. Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)

9.8CVSS9.7AI score0.02755EPSS