Vulnerabilities > Schneider Electric > Igss Dashboard > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-21 | CVE-2023-27983 | Unspecified vulnerability in Schneider-Electric Custom Reports, Igss Dashboard and Igss Data Server A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow deletion of reports from the IGSS project report directory, this would lead to loss of data when an attacker abuses this functionality. | 5.3 |
| 2023-03-21 | CVE-2023-27979 | Unspecified vulnerability in Schneider-Electric Custom Reports, Igss Dashboard and Igss Data Server A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could allow the renaming of files in the IGSS project report directory, this could lead to denial of service when an attacker sends specific crafted messages to the Data Server TCP port. | 6.5 |
| 2023-03-21 | CVE-2023-27977 | Unspecified vulnerability in Schneider-Electric Custom Reports, Igss Dashboard and Igss Data Server A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause access to delete files in the IGSS project report directory, this could lead to loss of data when an attacker sends specific crafted messages to the Data Server TCP port. | 5.3 |