Vulnerabilities > Schneider Electric > Easergy Builder
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-23 | CVE-2020-7519 | Weak Password Requirements vulnerability in Schneider-Electric Easergy Builder 1.4.7.2 A CWE-521: Weak Password Requirements vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker to compromise a user account. | 5.0 |
| 2020-07-23 | CVE-2020-7518 | Improper Input Validation vulnerability in Schneider-Electric Easergy Builder 1.4.7.2 A CWE-20: Improper input validation vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker to modify project configuration files. | 5.0 |
| 2020-07-23 | CVE-2020-7517 | Cleartext Storage of Sensitive Information vulnerability in Schneider-Electric Easergy Builder 1.4.7.2 A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker to read user credentials. | 2.1 |
| 2020-07-23 | CVE-2020-7516 | Cleartext Storage of Sensitive Information vulnerability in Schneider-Electric Easergy Builder 1.4.7.2 A CWE-316: Cleartext Storage of Sensitive Information in Memory vulnerability exists in Easergy Builder V1.4.7.2 and prior which could allow an attacker access to login credentials. | 2.1 |
| 2020-07-23 | CVE-2020-7515 | Use of Hard-coded Credentials vulnerability in Schneider-Electric Easergy Builder 1.4.7.2 A CWE-321: Use of hard-coded cryptographic key stored in cleartext vulnerability exists in Easergy Builder V1.4.7.2 and prior which could allow an attacker to decrypt a password. | 2.1 |
| 2020-07-23 | CVE-2020-7514 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Schneider-Electric Easergy Builder 1.4.7.2 A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker access to the authorization credentials for a device and gain full access. | 4.6 |