← Back

CVE-2023-5629

nvd nist
Published: Dec 14, 2023Modified: Nov 21, 2024

JSON object

Loading...
6.1
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploitability: 2.8 / Impact: 2.7
Source: NVD

Description

A CWE-601:URL Redirection to Untrusted Site (‘Open Redirect’) vulnerability exists that could cause disclosure of information through phishing attempts over HTTP.

Affected (16)

Schneider Electric
16 products
Eb450 Firmware
Eb45e Firmware
Eh450 Firmware
Eh45e Firmware
Er450 Firmware
Er45e Firmware
Jr240 Firmware
Jr900 Firmware
Qr450 Firmware
Qr150 Firmware
Qb450 Firmware
Qb150 Firmware
Qp450 Firmware
Qp150 Firmware
Qh450 Firmware
Qh150 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Eb450 Firmware
All versions
Running on/withPlatform Versions
Schneider Electric
Eb450
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Eb45e Firmware
All versions
Running on/withPlatform Versions
Schneider Electric
Eb45e
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Eh450 Firmware
All versions
Running on/withPlatform Versions
Schneider Electric
Eh450
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Eh45e Firmware
All versions
Running on/withPlatform Versions
Schneider Electric
Eh45e
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Er450 Firmware
All versions
Running on/withPlatform Versions
Schneider Electric
Er450
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Er45e Firmware
All versions
Running on/withPlatform Versions
Schneider Electric
Er45e
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Jr240 Firmware
All versions
Running on/withPlatform Versions
Schneider Electric
Jr240
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Jr900 Firmware
All versions
Running on/withPlatform Versions
Schneider Electric
Jr900
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qr450 Firmware
Before 2.7.0
Running on/withPlatform Versions
Schneider Electric
Qr450
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qr150 Firmware
Before 2.7.0
Running on/withPlatform Versions
Schneider Electric
Qr150
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qb450 Firmware
Before 2.7.0
Running on/withPlatform Versions
Schneider Electric
Qb450
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qb150 Firmware
Before 2.7.0
Running on/withPlatform Versions
Schneider Electric
Qb150
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qp450 Firmware
Before 2.7.0
Running on/withPlatform Versions
Schneider Electric
Qp450
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qp150 Firmware
Before 2.7.0
Running on/withPlatform Versions
Schneider Electric
Qp150
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qh450 Firmware
Before 2.7.0
Running on/withPlatform Versions
Schneider Electric
Qh450
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qh150 Firmware
Before 2.7.0
Running on/withPlatform Versions
Schneider Electric
Qh150
All versions

Related CWEs

CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.

References (2)

Source: cybersecurity@se.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.