Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-32521 | 1 Schneider-electric | 1 Data Center Expert | 2023-02-07 | N/A | 9.8 CRITICAL |
A CWE 502: Deserialization of Untrusted Data vulnerability exists that could allow code to be remotely executed on the server when unsafely deserialized data is posted to the web server. Affected Products: Data Center Expert (Versions prior to V7.9.0) | |||||
CVE-2022-32519 | 1 Schneider-electric | 1 Data Center Expert | 2023-02-07 | N/A | 9.8 CRITICAL |
A CWE-257: Storing Passwords in a Recoverable Format vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. Affected Products: Data Center Expert (Versions prior to V7.9.0) | |||||
CVE-2022-32518 | 1 Schneider-electric | 1 Data Center Expert | 2023-02-07 | N/A | 9.8 CRITICAL |
A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. This CVE is unique from CVE-2022-32520. Affected Products: Data Center Expert (Versions prior to V7.9.0) | |||||
CVE-2022-32520 | 1 Schneider-electric | 1 Data Center Expert | 2023-02-07 | N/A | 9.8 CRITICAL |
A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. This CVE is unique from CVE-2022-32518. Affected Products: Data Center Expert (Versions prior to V7.9.0) |