Vulnerabilities > Schneider Electric > Wiser Smart Eer21000 Firmware > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-02 | CVE-2022-30233 | Improper Input Validation vulnerability in Schneider-Electric products A CWE-20: Improper Input Validation vulnerability exists that could allow the product to be maliciously manipulated when the user is tricked into performing certain actions on a webpage. | 4.3 |
2022-06-02 | CVE-2022-30235 | Improper Restriction of Excessive Authentication Attempts vulnerability in Schneider-Electric products A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow unauthorized access when an attacker uses brute force. | 5.0 |
2022-06-02 | CVE-2022-30236 | Incorrect Resource Transfer Between Spheres vulnerability in Schneider-Electric products A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could allow unauthorized access when an attacker uses cross-domain attacks. | 6.4 |
2022-06-02 | CVE-2022-30237 | Missing Encryption of Sensitive Data vulnerability in Schneider-Electric products A CWE-311: Missing Encryption of Sensitive Data vulnerability exists that could allow authentication credentials to be recovered when an attacker breaks the encoding. | 5.0 |