← Back

CVE-2017-7971

nvd nist
Published: Sep 26, 2017Modified: May 13, 2026

JSON object

Loading...
6.5
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.8 / Impact: 3.6
Source: NVD

Description

A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 that allows the use of outdated cipher suites and improper verification of peer SSL Certificate.

Affected (2)

Schneider Electric
2 products
Powerscada Anywhere
Citect Anywhere
Configuration A
1 vulnerable · 2 platform
Vulnerable SoftwareAffected Versions
Powerscada Anywhere
Version 1.0
Running on/withPlatform Versions
Schneider Electric
Powerscada Expert
Version 8.1
Schneider Electric
Powerscada Expert
Version 8.2
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Citect Anywhere
Version 1.0

Related CWEs

CWE-295
Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.

References (6)

Source: cybersecurity@se.com
MitigationPatchVendor Advisory
Source: cybersecurity@se.com
Third Party AdvisoryVDB Entry
Source: cybersecurity@se.com
Issue TrackingMitigationPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingMitigationPatchVendor Advisory

Timeline

No history available yet.