CVE-2023-2267

Published: Nov 30, 2023Modified: Nov 21, 2024

5.4

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Exploitability: 2.8 / Impact: 2.5

Source: NVD

Description

An Improper Input Validation vulnerability in Schweitzer Engineering Laboratories SEL-411L could allow an attacker to perform reflection attacks against an authorized and authenticated user. See product Instruction Manual Appendix A dated 20230830 for more details.

Affected (12)

Products: Selinc: Sel 411l Firmware

Selinc

1 product

Sel 411l Firmware

Configuration A

12 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Selinc Sel 411l Firmware	From r118-v0 to r118-v4
Selinc Sel 411l Firmware	From r119-v0 to r119-v5
Selinc Sel 411l Firmware	From r120-v0 to r120-v6
Selinc Sel 411l Firmware	From r121-v0 to r121-v3
Selinc Sel 411l Firmware	From r122-v0 to r122-v3
Selinc Sel 411l Firmware	From r123-v0 to r123-v3
Selinc Sel 411l Firmware	From r124-v0 to r124-v3
Selinc Sel 411l Firmware	From r125-v0 to r125-v3
Selinc Sel 411l Firmware	From r126-v0 to r126-v4
Selinc Sel 411l Firmware	From r127-v0 to r127-v2
Selinc Sel 411l Firmware	Version r128-v0
Selinc Sel 411l Firmware	Version r129-v0

Running on/with	Platform Versions
Selinc Sel 411l	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

https://selinc.com/support/security-notifications/external-reports/

Source: security@selinc.com

Vendor Advisory

https://selinc.com/support/security-notifications/external-reports/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.