Search criteria
5 vulnerabilities found for EcoStruxure Geo SCADA Expert 2021 by Schneider Electric
VAR-202302-1810
Vulnerability from variot - Updated: 2023-12-18 13:26A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are sent to the Geo SCADA server's database web port (default 443). Affected products: EcoStruxure Geo SCADA Expert 2019, EcoStruxure Geo SCADA Expert 2020, EcoStruxure Geo SCADA Expert 2021(All Versions prior to October 2022), ClearSCADA (All Versions)
. Schneider Electric of ClearSCADA and EcoStruxure Geo SCADA Expert 2019 contains a vulnerability related to improper logging disablement.Information may be tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202302-1810",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7641.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8267.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7578.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8015.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7545.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7690.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7488.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7322.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7936.2"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8120.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7522.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8172.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7429.2"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8269.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7875.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7777.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7742.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7809.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8197.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8108.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8122.2"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8218.1"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8158.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7936.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7457.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8197.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7551.1"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8108.1"
},
{
"model": "clearscada",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "*"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8122.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8220.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7787.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7692.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7641.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7980.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8108.2"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7742.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8221.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7808.2"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7896.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7578.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7613.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7980.2"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7717.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8267.1"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8027.1"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8182.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8017.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7875.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7840.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8155.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7840.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7714.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8181.1"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8197.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7268.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7913.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7613.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8155.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "clearscada",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-004517"
},
{
"db": "NVD",
"id": "CVE-2023-0595"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:clearscada:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8108.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8120.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8158.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8182.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8197.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8218.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8269.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8027.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7268.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7322.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7429.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7457.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7488.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7522.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7545.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7578.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7613.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7641.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7690.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7714.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7742.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7777.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7808.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7840.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7875.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7896.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7936.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7980.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8015.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8108.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8122.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8155.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8172.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8197.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8220.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8267.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7551.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7578.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7613.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7641.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7692.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7717.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7742.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7787.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7809.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7840.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7875.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7913.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7936.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7980.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8017.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8108.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8122.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8155.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8181.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8197.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8221.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8267.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-0595"
}
]
},
"cve": "CVE-2023-0595",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2023-0595",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-0595",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "cybersecurity@se.com",
"id": "CVE-2023-0595",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202302-1985",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-004517"
},
{
"db": "NVD",
"id": "CVE-2023-0595"
},
{
"db": "NVD",
"id": "CVE-2023-0595"
},
{
"db": "CNNVD",
"id": "CNNVD-202302-1985"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are sent to the Geo SCADA server\u0027s database web port (default 443). Affected products: EcoStruxure Geo SCADA Expert 2019, EcoStruxure Geo SCADA Expert 2020, EcoStruxure Geo SCADA Expert 2021(All Versions prior to October 2022), ClearSCADA (All Versions)\n\n. Schneider Electric of ClearSCADA and EcoStruxure Geo SCADA Expert 2019 contains a vulnerability related to improper logging disablement.Information may be tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-0595"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-004517"
},
{
"db": "VULHUB",
"id": "VHN-453650"
},
{
"db": "VULMON",
"id": "CVE-2023-0595"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-0595",
"trust": 3.4
},
{
"db": "SCHNEIDER",
"id": "SEVD-2023-045-01",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2023-004517",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202302-1985",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-453650",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2023-0595",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-453650"
},
{
"db": "VULMON",
"id": "CVE-2023-0595"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-004517"
},
{
"db": "NVD",
"id": "CVE-2023-0595"
},
{
"db": "CNNVD",
"id": "CNNVD-202302-1985"
}
]
},
"id": "VAR-202302-1810",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-453650"
}
],
"trust": 0.7287037
},
"last_update_date": "2023-12-18T13:26:44.988000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "EcoStruxure Geo SCADA Expert Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=227643"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202302-1985"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-117",
"trust": 1.1
},
{
"problemtype": "Disabling inappropriate logging (CWE-117) [ others ]",
"trust": 0.8
},
{
"problemtype": "CWE-116",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-453650"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-004517"
},
{
"db": "NVD",
"id": "CVE-2023-0595"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://download.schneider-electric.com/files?p_doc_ref=sevd-2023-045-01\u0026p_endoctype=security+and+safety+notice\u0026p_file_name=sevd-2023-045-01.pdf"
},
{
"trust": 0.8,
"url": "https://www.se.com/ww/en/download/document/sevd-2023-045-01/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-0595"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-0595/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/117.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-453650"
},
{
"db": "VULMON",
"id": "CVE-2023-0595"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-004517"
},
{
"db": "NVD",
"id": "CVE-2023-0595"
},
{
"db": "CNNVD",
"id": "CNNVD-202302-1985"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-453650"
},
{
"db": "VULMON",
"id": "CVE-2023-0595"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-004517"
},
{
"db": "NVD",
"id": "CVE-2023-0595"
},
{
"db": "CNNVD",
"id": "CNNVD-202302-1985"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-24T00:00:00",
"db": "VULHUB",
"id": "VHN-453650"
},
{
"date": "2023-02-24T00:00:00",
"db": "VULMON",
"id": "CVE-2023-0595"
},
{
"date": "2023-10-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-004517"
},
{
"date": "2023-02-24T11:15:10.643000",
"db": "NVD",
"id": "CVE-2023-0595"
},
{
"date": "2023-02-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202302-1985"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-03-03T00:00:00",
"db": "VULHUB",
"id": "VHN-453650"
},
{
"date": "2023-02-24T00:00:00",
"db": "VULMON",
"id": "CVE-2023-0595"
},
{
"date": "2023-10-31T02:03:00",
"db": "JVNDB",
"id": "JVNDB-2023-004517"
},
{
"date": "2023-04-18T21:15:07.723000",
"db": "NVD",
"id": "CVE-2023-0595"
},
{
"date": "2023-04-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202302-1985"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202302-1985"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider\u00a0Electric\u00a0 of \u00a0ClearSCADA\u00a0 and \u00a0EcoStruxure\u00a0Geo\u00a0SCADA\u00a0Expert\u00a02019\u00a0 Vulnerability related to improper log output disabling in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-004517"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202302-1985"
}
],
"trust": 0.6
}
}
VAR-202301-2353
Vulnerability from variot - Updated: 2023-12-18 11:55A CWE-863: Incorrect Authorization vulnerability exists that could cause Denial of Service against the Geo SCADA server when specific messages are sent to the server over the database server TCP port. Geo SCADA An unspecified vulnerability exists in the server.Service operation interruption (DoS) It may be in a state. Affected Products: EcoStruxure Geo SCADA Expert 2019 - 2021 (formerly known as ClearSCADA) (Versions prior to October 2022)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202301-2353",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7641.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8267.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7578.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8015.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7545.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7690.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7488.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7322.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7936.2"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8120.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7522.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8172.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7429.2"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8269.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7875.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7777.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7742.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7809.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8197.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8108.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8122.2"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8218.1"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8158.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7936.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7457.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8197.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7551.1"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8108.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8122.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8220.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7787.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7692.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7641.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7980.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8108.2"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7742.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8221.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7808.2"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7896.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7578.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7613.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7980.2"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7717.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8267.1"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8027.1"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8182.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8017.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7875.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7840.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8155.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7840.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7714.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8181.1"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8197.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7268.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7913.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7613.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8155.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-002975"
},
{
"db": "NVD",
"id": "CVE-2023-22610"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8108.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8120.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8158.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8182.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8197.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8218.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8269.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8027.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7268.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7322.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7429.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7457.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7488.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7522.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7545.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7578.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7613.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7641.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7690.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7714.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7742.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7777.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7808.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7840.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7875.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7896.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7936.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7980.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8015.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8108.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8122.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8155.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8172.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8197.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8220.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8267.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7551.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7578.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7613.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7641.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7692.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7717.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7742.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7787.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7809.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7840.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7875.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7913.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7936.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7980.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8017.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8108.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8122.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8155.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8181.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8197.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8221.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8267.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-22610"
}
]
},
"cve": "CVE-2023-22610",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cybersecurity@se.com",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2023-22610",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-22610",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "cybersecurity@se.com",
"id": "CVE-2023-22610",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-202301-2427",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-002975"
},
{
"db": "NVD",
"id": "CVE-2023-22610"
},
{
"db": "NVD",
"id": "CVE-2023-22610"
},
{
"db": "CNNVD",
"id": "CNNVD-202301-2427"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "\nA CWE-863: Incorrect Authorization vulnerability exists that could cause Denial of\nService against the Geo SCADA server when specific messages are sent to the server over the\ndatabase server TCP port. Geo SCADA An unspecified vulnerability exists in the server.Service operation interruption (DoS) It may be in a state. Affected Products: EcoStruxure Geo SCADA Expert 2019 - 2021 (formerly known as ClearSCADA) (Versions prior to October 2022)",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-22610"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-002975"
},
{
"db": "VULMON",
"id": "CVE-2023-22610"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-22610",
"trust": 3.3
},
{
"db": "SCHNEIDER",
"id": "SEVD-2023-010-02",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2023-002975",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202301-2427",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-22610",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-22610"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-002975"
},
{
"db": "NVD",
"id": "CVE-2023-22610"
},
{
"db": "CNNVD",
"id": "CNNVD-202301-2427"
}
]
},
"id": "VAR-202301-2353",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.6287037
},
"last_update_date": "2023-12-18T11:55:02.823000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SEVD-2023-010-02",
"trust": 0.8,
"url": "https://download.schneider-electric.com/files?p_doc_ref=sevd-2023-010-02\u0026p_endoctype=security+and+safety+notice\u0026p_file_name=sevd-2023-010-02_geo_scada_security_notification.pdf"
},
{
"title": "EcoStruxure Geo SCADA Expert Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=224263"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-002975"
},
{
"db": "CNNVD",
"id": "CNNVD-202301-2427"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-863",
"trust": 1.0
},
{
"problemtype": "others (CWE-Other) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-002975"
},
{
"db": "NVD",
"id": "CVE-2023-22610"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://download.schneider-electric.com/files?p_doc_ref=sevd-2023-010-02\u0026p_endoctype=security+and+safety+notice\u0026p_file_name=sevd-2023-010-02_geo_scada_security_notification.pdf"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-22610"
},
{
"trust": 0.6,
"url": "https://www.se.com/ww/en/download/document/sevd-2023-010-02/"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-22610/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/285.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-22610"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-002975"
},
{
"db": "NVD",
"id": "CVE-2023-22610"
},
{
"db": "CNNVD",
"id": "CNNVD-202301-2427"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2023-22610"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-002975"
},
{
"db": "NVD",
"id": "CVE-2023-22610"
},
{
"db": "CNNVD",
"id": "CNNVD-202301-2427"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-01-31T00:00:00",
"db": "VULMON",
"id": "CVE-2023-22610"
},
{
"date": "2023-08-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-002975"
},
{
"date": "2023-01-31T17:15:08.827000",
"db": "NVD",
"id": "CVE-2023-22610"
},
{
"date": "2023-01-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202301-2427"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-03T00:00:00",
"db": "VULMON",
"id": "CVE-2023-22610"
},
{
"date": "2023-08-28T05:56:00",
"db": "JVNDB",
"id": "JVNDB-2023-002975"
},
{
"date": "2023-06-14T08:15:08.860000",
"db": "NVD",
"id": "CVE-2023-22610"
},
{
"date": "2023-06-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202301-2427"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202301-2427"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Geo\u00a0SCADA\u00a0 Vulnerabilities in the server",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-002975"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202301-2427"
}
],
"trust": 0.6
}
}
VAR-202301-2352
Vulnerability from variot - Updated: 2023-12-18 11:55A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure when specific messages are sent to the server over the database server TCP port. Affected Products: EcoStruxure Geo SCADA Expert 2019 - 2021 (formerly known as ClearSCADA) (Versions prior to October 2022). EcoStruxure Geo SCADA Expert 2019 from 2021 ( old name ClearSCADA) Exists in unspecified vulnerabilities.Information may be obtained
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202301-2352",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7641.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8267.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7578.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8015.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7545.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7690.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7488.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7322.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7936.2"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8120.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7522.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8172.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7429.2"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8269.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7875.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7777.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7742.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7809.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8197.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8108.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8122.2"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8218.1"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8158.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7936.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7457.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8197.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7551.1"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8108.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8122.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8220.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7787.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7692.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7641.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7980.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8108.2"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7742.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8221.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7808.2"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7896.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7578.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7613.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7980.2"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7717.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8267.1"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8027.1"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8182.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8017.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7875.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7840.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.8155.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7840.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7714.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8181.1"
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "84.8197.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7268.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.7913.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "81.7613.1"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "83.8155.1"
},
{
"model": "ecostruxure geo scada expert 2019",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "ecostruxure geo scada expert 2021",
"scope": "eq",
"trust": 0.8,
"vendor": "schneider electric",
"version": "october 2022 before that"
},
{
"model": "ecostruxure geo scada expert 2020",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-002976"
},
{
"db": "NVD",
"id": "CVE-2023-22611"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8108.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8120.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8158.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8182.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8197.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8218.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8269.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8027.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7268.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7322.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7429.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7457.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7488.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7522.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7545.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7578.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7613.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7641.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7690.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7714.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7742.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7777.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7808.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7840.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7875.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7896.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7936.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7980.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8015.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8108.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8122.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8155.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8172.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8197.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8220.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8267.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7551.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7578.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7613.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7641.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7692.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7717.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7742.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7787.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7809.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7840.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7875.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7913.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7936.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7980.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8017.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8108.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8122.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8155.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8181.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8197.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8221.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8267.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-22611"
}
]
},
"cve": "CVE-2023-22611",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2023-002976",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-22611",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cybersecurity@se.com",
"id": "CVE-2023-22611",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2023-002976",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202301-2426",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-002976"
},
{
"db": "NVD",
"id": "CVE-2023-22611"
},
{
"db": "NVD",
"id": "CVE-2023-22611"
},
{
"db": "CNNVD",
"id": "CNNVD-202301-2426"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure when specific messages are sent to the server over the database server TCP port. Affected Products: EcoStruxure Geo SCADA Expert 2019 - 2021 (formerly known as ClearSCADA) (Versions prior to October 2022). EcoStruxure Geo SCADA Expert 2019 from 2021 ( old name ClearSCADA) Exists in unspecified vulnerabilities.Information may be obtained",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-22611"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-002976"
},
{
"db": "VULMON",
"id": "CVE-2023-22611"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-22611",
"trust": 3.3
},
{
"db": "SCHNEIDER",
"id": "SEVD-2023-010-02",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2023-002976",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202301-2426",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-22611",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-22611"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-002976"
},
{
"db": "NVD",
"id": "CVE-2023-22611"
},
{
"db": "CNNVD",
"id": "CNNVD-202301-2426"
}
]
},
"id": "VAR-202301-2352",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.6287037
},
"last_update_date": "2023-12-18T11:55:02.799000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SEVD-2023-010-02",
"trust": 0.8,
"url": "https://download.schneider-electric.com/files?p_doc_ref=sevd-2023-010-02\u0026p_endoctype=security+and+safety+notice\u0026p_file_name=sevd-2023-010-02_geo_scada_security_notification.pdf"
},
{
"title": "EcoStruxure Geo SCADA Expert Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=224262"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-002976"
},
{
"db": "CNNVD",
"id": "CNNVD-202301-2426"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-002976"
},
{
"db": "NVD",
"id": "CVE-2023-22611"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://download.schneider-electric.com/files?p_doc_ref=sevd-2023-010-02\u0026p_endoctype=security+and+safety+notice\u0026p_file_name=sevd-2023-010-02_geo_scada_security_notification.pdf"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-22611"
},
{
"trust": 0.6,
"url": "https://www.se.com/ww/en/download/document/sevd-2023-010-02/"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-22611/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-22611"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-002976"
},
{
"db": "NVD",
"id": "CVE-2023-22611"
},
{
"db": "CNNVD",
"id": "CNNVD-202301-2426"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2023-22611"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-002976"
},
{
"db": "NVD",
"id": "CVE-2023-22611"
},
{
"db": "CNNVD",
"id": "CNNVD-202301-2426"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-01-31T00:00:00",
"db": "VULMON",
"id": "CVE-2023-22611"
},
{
"date": "2023-08-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-002976"
},
{
"date": "2023-01-31T17:15:08.927000",
"db": "NVD",
"id": "CVE-2023-22611"
},
{
"date": "2023-01-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202301-2426"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-03T00:00:00",
"db": "VULMON",
"id": "CVE-2023-22611"
},
{
"date": "2023-08-28T06:02:00",
"db": "JVNDB",
"id": "JVNDB-2023-002976"
},
{
"date": "2023-02-07T19:56:57.870000",
"db": "NVD",
"id": "CVE-2023-22611"
},
{
"date": "2023-02-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202301-2426"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202301-2426"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0EcoStruxure\u00a0Geo\u00a0SCADA\u00a0Expert\u00a0 product \u00a0( old name \u00a0ClearSCADA)\u00a0 Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-002976"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202301-2426"
}
],
"trust": 0.6
}
}
CVE-2023-0595 (GCVE-0-2023-0595)
Vulnerability from cvelistv5 – Published: 2023-02-24 00:00 – Updated: 2025-02-05 20:06
VLAI?
Summary
A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are sent to the Geo SCADA server's database web port (default 443). Affected products: EcoStruxure Geo SCADA Expert 2019, EcoStruxure Geo SCADA Expert 2020, EcoStruxure Geo SCADA Expert 2021(All Versions prior to October 2022), ClearSCADA (All Versions)
Severity ?
5.3 (Medium)
CWE
- CWE-117 - Improper Output Neutralization for Logs
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Schneider Electric | EcoStruxure Geo SCADA Expert 2019 |
Affected:
All , ≤ October 2022
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:17:50.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-045-01.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0595",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T19:54:54.186453Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:06:14.347Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EcoStruxure Geo SCADA Expert 2019",
"vendor": "Schneider Electric",
"versions": [
{
"lessThanOrEqual": "October 2022",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EcoStruxure Geo SCADA Expert 2020",
"vendor": "Schneider Electric",
"versions": [
{
"lessThanOrEqual": "October 2022",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EcoStruxure Geo SCADA Expert 2021",
"vendor": "Schneider Electric",
"versions": [
{
"lessThanOrEqual": "October 2022",
"status": "affected",
"version": "All ",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ClearSCADA ",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "All Versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are sent to the Geo SCADA server\u0027s database web port (default 443). Affected products: EcoStruxure Geo SCADA Expert 2019, EcoStruxure Geo SCADA Expert 2020, EcoStruxure Geo SCADA Expert 2021(All Versions prior to October 2022), ClearSCADA (All Versions)\u003c/p\u003e"
}
],
"value": "A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are sent to the Geo SCADA server\u0027s database web port (default 443). Affected products: EcoStruxure Geo SCADA Expert 2019, EcoStruxure Geo SCADA Expert 2020, EcoStruxure Geo SCADA Expert 2021(All Versions prior to October 2022), ClearSCADA (All Versions)\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-117",
"description": "CWE-117 Improper Output Neutralization for Logs",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-18T20:15:26.476Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-045-01.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2023-0595",
"datePublished": "2023-02-24T00:00:00.000Z",
"dateReserved": "2023-01-31T00:00:00.000Z",
"dateUpdated": "2025-02-05T20:06:14.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-0595 (GCVE-0-2023-0595)
Vulnerability from nvd – Published: 2023-02-24 00:00 – Updated: 2025-02-05 20:06
VLAI?
Summary
A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are sent to the Geo SCADA server's database web port (default 443). Affected products: EcoStruxure Geo SCADA Expert 2019, EcoStruxure Geo SCADA Expert 2020, EcoStruxure Geo SCADA Expert 2021(All Versions prior to October 2022), ClearSCADA (All Versions)
Severity ?
5.3 (Medium)
CWE
- CWE-117 - Improper Output Neutralization for Logs
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Schneider Electric | EcoStruxure Geo SCADA Expert 2019 |
Affected:
All , ≤ October 2022
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:17:50.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-045-01.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0595",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T19:54:54.186453Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:06:14.347Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EcoStruxure Geo SCADA Expert 2019",
"vendor": "Schneider Electric",
"versions": [
{
"lessThanOrEqual": "October 2022",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EcoStruxure Geo SCADA Expert 2020",
"vendor": "Schneider Electric",
"versions": [
{
"lessThanOrEqual": "October 2022",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EcoStruxure Geo SCADA Expert 2021",
"vendor": "Schneider Electric",
"versions": [
{
"lessThanOrEqual": "October 2022",
"status": "affected",
"version": "All ",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ClearSCADA ",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "All Versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are sent to the Geo SCADA server\u0027s database web port (default 443). Affected products: EcoStruxure Geo SCADA Expert 2019, EcoStruxure Geo SCADA Expert 2020, EcoStruxure Geo SCADA Expert 2021(All Versions prior to October 2022), ClearSCADA (All Versions)\u003c/p\u003e"
}
],
"value": "A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are sent to the Geo SCADA server\u0027s database web port (default 443). Affected products: EcoStruxure Geo SCADA Expert 2019, EcoStruxure Geo SCADA Expert 2020, EcoStruxure Geo SCADA Expert 2021(All Versions prior to October 2022), ClearSCADA (All Versions)\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-117",
"description": "CWE-117 Improper Output Neutralization for Logs",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-18T20:15:26.476Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-045-01.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2023-0595",
"datePublished": "2023-02-24T00:00:00.000Z",
"dateReserved": "2023-01-31T00:00:00.000Z",
"dateUpdated": "2025-02-05T20:06:14.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}