Struxureware Building Operations Automation Server AS Firmware

DATE	CVE	VULNERABILITY TITLE	RISK
2016-03-02	CVE-2016-2278	Improper Access Control vulnerability in Schneider-Electric products Schneider Electric Struxureware Building Operations Automation Server AS 1.7 and earlier and AS-P 1.7 and earlier allows remote authenticated administrators to execute arbitrary OS commands by defeating an msh (aka Minimal Shell) protection mechanism. network low complexity schneider-electric CWE-284	7.2