Vulnerabilities > Selinc
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-30 | CVE-2023-2264 | Unspecified vulnerability in Selinc Sel-411L Firmware An improper input validation vulnerability in the Schweitzer Engineering Laboratories SEL-411L could allow a malicious actor to manipulate authorized users to click on a link that could allow undesired behavior. See product Instruction Manual Appendix A dated 20230830 for more details. | 7.8 |
| 2023-11-30 | CVE-2023-2265 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Selinc Sel-411L Firmware An Improper Restriction of Rendered UI Layers or Frames in the Schweitzer Engineering Laboratories SEL-411L could allow an unauthenticated attacker to perform clickjacking based attacks against an authenticated and authorized user. See product Instruction Manual Appendix A dated 20230830 for more details. | 6.1 |
| 2023-11-30 | CVE-2023-2266 | Cross-site Scripting vulnerability in Selinc Sel-411L Firmware An Improper neutralization of input during web page generation in the Schweitzer Engineering Laboratories SEL-411L could allow an attacker to generate cross-site scripting based attacks against an authorized and authenticated user. See product Instruction Manual Appendix A dated 20230830 for more details. | 6.1 |
| 2023-11-30 | CVE-2023-2267 | Unspecified vulnerability in Selinc Sel-411L Firmware An Improper Input Validation vulnerability in Schweitzer Engineering Laboratories SEL-411L could allow an attacker to perform reflection attacks against an authorized and authenticated user. See product Instruction Manual Appendix A dated 20230830 for more details. | 5.4 |
| 2023-11-30 | CVE-2023-31176 | Insufficient Entropy vulnerability in Selinc Sel-451 Firmware An Insufficient Entropy vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow an unauthenticated remote attacker to brute-force session tokens and bypass authentication. See product Instruction Manual Appendix A dated 20230830 for more details. | 9.8 |
| 2023-11-30 | CVE-2023-31177 | Cross-site Scripting vulnerability in Selinc Sel-451 Firmware An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in the Schweitzer Engineering Laboratories SEL-451 could allow an attacker to craft a link that could execute arbitrary code on a victim's system. See product Instruction Manual Appendix A dated 20230830 for more details. | 6.1 |
| 2023-11-30 | CVE-2023-34388 | Improper Authentication vulnerability in Selinc Sel-451 Firmware An Improper Authentication vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote unauthenticated attacker to potentially perform session hijacking attack and bypass authentication. See product Instruction Manual Appendix A dated 20230830 for more details. | 9.8 |
| 2023-11-30 | CVE-2023-34389 | Allocation of Resources Without Limits or Throttling vulnerability in Selinc Sel-451 Firmware An allocation of resources without limits or throttling vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote authenticated attacker to make the system unavailable for an indefinite amount of time. See product Instruction Manual Appendix A dated 20230830 for more details. | 6.5 |
| 2023-11-30 | CVE-2023-34390 | Unspecified vulnerability in Selinc Sel-451 Firmware An input validation vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote authenticated attacker to create a denial of service against the system and locking out services. See product Instruction Manual Appendix A dated 20230830 for more details. | 6.5 |
| 2023-08-31 | CVE-2023-31167 | Path Traversal vulnerability in Selinc Sel-5036 Acselerator BAY Screen Builder Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Schweitzer Engineering Laboratories SEL-5036 acSELerator Bay Screen Builder Software on Windows allows Relative Path Traversal. SEL acSELerator Bay Screen Builder software is distributed by SEL-5033 SEL acSELerator RTAC, SEL-5030 Quickset, and SEL Compass. | 8.1 |