Vulnerabilities > CVE-2024-5557 - Unspecified vulnerability in Schneider-Electric Spacelogic As-B Firmware and Spacelogic As-P Firmware

CVSS 4.5 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

low complexity

schneider-electric

NVD

Published: 2024-06-12

Updated: 2024-11-21

Summary

CWE-532: Insertion of Sensitive Information into Log File vulnerability exists that could cause exposure of SNMP credentials when an attacker has access to the controller logs.

Vulnerable Configurations

Part	Description	Count
OS	Schneider-Electric Schneider Electric Spacelogic AS B Firmware * Schneider Electric Spacelogic AS P Firmware *	2
Hardware	Schneider-Electric Schneider Electric Spacelogic AS B - Schneider Electric Spacelogic AS P -	2

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-04.pdf
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-04.pdf