Home/Product/schneider electric ecostruxure power monitoring expert
Product

schneider electric ecostruxure power monitoring expert

13 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2023-5987
all versions
A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability that could cause a vulne
6.1MEDIUM
 CVE-2023-5986
all versions
A CWE-601 URL Redirection to Untrusted Site vulnerability exists that could cause an openredirect vulnerability leading to a cross
8.2HIGH
 CVE-2023-5391
all versions
A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker to execute arbitrary code on the ta
9.8CRITICAL
 CVE-2023-28003
<= 2022
A CWE-613: Insufficient Session Expiration vulnerability exists that could allow an attacker to maintain unauthorized access over
6.7MEDIUM
 CVE-2022-22804
<= 2020
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could all
5.4MEDIUM
 CVE-2022-22727
<= 2020
A CWE-20: Improper Input Validation vulnerability exists that could allow an unauthenticated attacker to view data, change setting
8.8HIGH
 CVE-2022-22726
<= 2020
A CWE-20: Improper Input Validation vulnerability exists that could allow arbitrary files on the server to be read by authenticate
6.5MEDIUM
 CVE-2021-22827
<= 9.0
A CWE-20: Improper Input Validation vulnerability exists that could cause arbitrary code execution when the user visits a page con
8.8HIGH
 CVE-2021-22826
<= 9.0
A CWE-20: Improper Input Validation vulnerability exists that could cause arbitrary code execution when the user visits a page con
8.8HIGH
 CVE-2020-7547
all versions
A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (
8.8HIGH
 CVE-2020-7546
all versions
A CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability exists in EcoStruxureª and SmartStruxureª Po
5.4MEDIUM
 CVE-2020-7545
all versions
A CWE-284:Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (s
7.2HIGH
 CVE-2018-7797
all versions
A URL redirection vulnerability exists in Power Monitoring Expert, Energy Expert (formerly Power Manager) - EcoStruxure Power Moni
6.1MEDIUM
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Coverage report
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh