← Back

CVE-2022-46680

nvd nist
Published: May 22, 2023Modified: Nov 21, 2024

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

A CWE-319: Cleartext transmission of sensitive information vulnerability exists that could cause disclosure of sensitive information, denial of service, or modification of data if an attacker is able to intercept network traffic.

Affected (5)

Schneider Electric
5 products
Powerlogic Ion9000 Firmware
Powerlogic Ion7400 Firmware
Powerlogic Pm8000 Firmware
Powerlogic Ion8650 Firmware
Powerlogic Ion8800 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Powerlogic Ion9000 Firmware
Before 4.0.0
Running on/withPlatform Versions
Schneider Electric
Powerlogic Ion9000
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Powerlogic Ion7400 Firmware
Before 4.0.0
Running on/withPlatform Versions
Schneider Electric
Powerlogic Ion7400
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Powerlogic Pm8000 Firmware
Before 4.0.0
Running on/withPlatform Versions
Schneider Electric
Powerlogic Pm8000
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Powerlogic Ion8650 Firmware
All versions
Running on/withPlatform Versions
Schneider Electric
Powerlogic Ion8650
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Powerlogic Ion8800 Firmware
All versions
Running on/withPlatform Versions
Schneider Electric
Powerlogic Ion8800
All versions

Related CWEs

CWE-319
Cleartext Transmission of Sensitive Information
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

References (2)

Source: cybersecurity@se.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.