Vulnerabilities > SE

DATE CVE VULNERABILITY TITLE RISK
2022-01-28 CVE-2021-22724 Cross-Site Request Forgery (CSRF) vulnerability in SE products
A CVE-352 Cross-Site Request Forgery (CSRF) vulnerability exists that could allow an attacker to impersonate the user or carry out actions on their behalf when crafted malicious parameters are submitted in POST requests sent to the charging station web server.
network
se CWE-352
6.8
2022-01-28 CVE-2021-22725 Cross-Site Request Forgery (CSRF) vulnerability in SE products
A CVE-352 Cross-Site Request Forgery (CSRF) vulnerability exists that could allow an attacker to impersonate the user or carry out actions on their behalf when crafted malicious parameters are submitted in POST requests sent to the charging station web server.
network
se CWE-352
6.8
2020-06-16 CVE-2020-7496 Argument Injection or Modification vulnerability in SE Ecostruxure Operator Terminal Expert 3.1
A CWE-88: Argument Injection or Modification vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)which could cause unauthorized write access when opening the project file.
network
se CWE-88
6.8