Vulnerabilities > SE
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-28 | CVE-2021-22724 | Cross-Site Request Forgery (CSRF) vulnerability in SE products A CVE-352 Cross-Site Request Forgery (CSRF) vulnerability exists that could allow an attacker to impersonate the user or carry out actions on their behalf when crafted malicious parameters are submitted in POST requests sent to the charging station web server. | 6.8 |
| 2022-01-28 | CVE-2021-22725 | Cross-Site Request Forgery (CSRF) vulnerability in SE products A CVE-352 Cross-Site Request Forgery (CSRF) vulnerability exists that could allow an attacker to impersonate the user or carry out actions on their behalf when crafted malicious parameters are submitted in POST requests sent to the charging station web server. | 6.8 |
| 2020-06-16 | CVE-2020-7496 | Argument Injection or Modification vulnerability in SE Ecostruxure Operator Terminal Expert 3.1 A CWE-88: Argument Injection or Modification vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)which could cause unauthorized write access when opening the project file. | 6.8 |