Schneider-electric » Struxureware Data Center Expert : Security Vulnerabilities, CVEs, (Sql injection) CVSS score >= 4
A CWE-89: Improper Neutralization of Special Elements vulnerability used in an SQL Command
('SQL Injection') vulnerability exists that could allow a user already authenticated on DCE to
access unauthorized content, change, or delete content, or perform unauthorized actions when
tampering with the mass configuration settings of endpoints on DCE.
Max CVSS
8.8
EPSS Score
0.05%
Published
2023-07-12
Updated
2023-07-19
A CWE-89: Improper Neutralization of Special Elements vulnerability used in an SQL Command
('SQL Injection') vulnerability exists that could allow a user already authenticated on DCE to
access unauthorized content, change, or delete content, or perform unauthorized actions when
tampering with the alert settings of endpoints on DCE.
Max CVSS
8.8
EPSS Score
0.05%
Published
2023-07-12
Updated
2023-07-19
2 vulnerabilities found