Vulnerabilities > CVE-2022-22727 - Unspecified vulnerability in Schneider-Electric Ecostruxure Power Monitoring Expert
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A CWE-20: Improper Input Validation vulnerability exists that could allow an unauthenticated attacker to view data, change settings, impact availability of the software, or potentially impact a user?s local machine when the user clicks a specially crafted link. Affected Product: EcoStruxure Power Monitoring Expert (Versions 2020 and prior)
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 7 |