Vulnerabilities > Selinc > SEL 451 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-11-30 CVE-2023-31177 Cross-site Scripting vulnerability in Selinc Sel-451 Firmware
An Improper Neutralization of Input During Web Page Generation  ('Cross-site Scripting') in the Schweitzer Engineering Laboratories SEL-451 could allow an attacker to craft a link that could execute arbitrary code on a victim's system. See product Instruction Manual Appendix A dated 20230830 for more details.
network
low complexity
selinc CWE-79
6.1
2023-11-30 CVE-2023-34389 Allocation of Resources Without Limits or Throttling vulnerability in Selinc Sel-451 Firmware
An allocation of resources without limits or throttling vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote authenticated attacker to make the system unavailable for an indefinite amount of time. See product Instruction Manual Appendix A dated 20230830 for more details.
network
low complexity
selinc CWE-770
6.5
2023-11-30 CVE-2023-34390 Unspecified vulnerability in Selinc Sel-451 Firmware
An input validation vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote authenticated attacker to create a denial of service against the system and locking out services. See product Instruction Manual Appendix A dated 20230830 for more details.
network
low complexity
selinc
6.5