Vulnerabilities > Schneider Electric > Wiser Smart Eer21001 Firmware > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-02	CVE-2022-30233	Improper Input Validation vulnerability in Schneider-Electric products A CWE-20: Improper Input Validation vulnerability exists that could allow the product to be maliciously manipulated when the user is tricked into performing certain actions on a webpage. network schneider-electric CWE-20	4.3
2022-06-02	CVE-2022-30235	Improper Restriction of Excessive Authentication Attempts vulnerability in Schneider-Electric products A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow unauthorized access when an attacker uses brute force. network low complexity schneider-electric CWE-307	5.0
2022-06-02	CVE-2022-30236	Incorrect Resource Transfer Between Spheres vulnerability in Schneider-Electric products A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could allow unauthorized access when an attacker uses cross-domain attacks. network low complexity schneider-electric CWE-669	6.4
2022-06-02	CVE-2022-30237	Missing Encryption of Sensitive Data vulnerability in Schneider-Electric products A CWE-311: Missing Encryption of Sensitive Data vulnerability exists that could allow authentication credentials to be recovered when an attacker breaks the encoding. network low complexity schneider-electric CWE-311	5.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.