CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7795
https://notcve.org/view.php?id=CVE-2018-7795
A Cross Protocol Injection vulnerability exists in Schneider Electric's PowerLogic (PM5560 prior to FW version 2.5.4) product. The vulnerability makes the product susceptible to cross site scripting attack on its web browser. User inputs can be manipulated to cause execution of java script code. Existe una vulnerabilidad de inyección de protocolos cruzados en el producto PowerLogic, de Schneider Electric (PM5560 anteriores a la versión de firmware 2.5.4). La vulnerabilidad hace que el producto sea susceptible a un ataque de Cross-Site Scripting (XSS) en su navegador web. • http://www.securityfocus.com/bid/105170 https://ics-cert.us-cert.gov/advisories/ICSA-18-240-03 https://www.schneider-electric.com/en/download/document/SEVD-2018-228-01 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 1095EXPL: 0CVE-2018-3693 – Kernel: speculative bounds check bypass store
https://notcve.org/view.php?id=CVE-2018-3693
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. Los sistemas con microprocesadores que emplean la ejecución especulativa y la predicción de ramas podría permitir la divulgación no autorizada de información a un atacante con acceso de usuario local mediante un desbordamiento de búfer especulativo y el análisis de canal lateral. An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions past bounds check. The flaw relies on the presence of a precisely-defined instruction sequence in the privileged code and the fact that memory writes occur to an address which depends on the untrusted value. Such writes cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). • https://access.redhat.com/errata/RHSA-2018:2384 https://access.redhat.com/errata/RHSA-2018:2390 https://access.redhat.com/errata/RHSA-2018:2395 https://access.redhat.com/errata/RHSA-2019:1946 https://access.redhat.com/errata/RHSA-2020:0174 https://cdrdv2.intel.com/v1/dl/getContent/685359 https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 https://security.netapp.com/advisory/ntap-20180823-0001 https://www.oracle.com/s • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 40EXPL: 0CVE-2018-7781
https://notcve.org/view.php?id=CVE-2018-7781
In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, by sending a specially crafted request an authenticated user can view password in clear text and results in privilege escalation. En la primera generación de cámaras Schneider Electric Pelco Sarix Professional con versiones de firmware anteriores a la 3.29.69, al enviar una petición especialmente manipulada, un usuario autenticado puede visualizar la contraseña en texto claro y resulta en un escalado de privilegios. • https://www.schneider-electric.com/en/download/document/SEVD-2018-114-01 • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7768
https://notcve.org/view.php?id=CVE-2018-7768
The vulnerability exists within processing of loadtemplate.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the tpl input parameter. Existe una vulnerabilidad en el procesamiento de loadtemplate.php en el software de Schneider Electric U.motion Builder en versiones anteriores a la v1.3.4. La consulta de la base de datos SQLite subyacente está sujeta a una inyección SQL en el parámetro de entrada tpl. • https://www.schneider-electric.com/en/download/document/SEVD-2018-095-01 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7763
https://notcve.org/view.php?id=CVE-2018-7763
The vulnerability exists within css.inc.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The 'css' parameter contains a directory traversal vulnerability. Existe una vulnerabilidad en css.inc.php en el software de Schneider Electric U.motion Builder en versiones anteriores a la v1.3.4. El parámetro "css" contiene una vulnerabilidad de salto de directorio. • https://www.schneider-electric.com/en/download/document/SEVD-2018-095-01 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •