← Back

66074 Mge Network Management Card Transverse

66074_mge_network_management_card_transverse

Vendor: Schneider Electric • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-7246
1Schneider Electric
166074 Mge Network Management Card Transverse
Nov 21, 2024
Apr 18, 2018
N/A· v4
9.8 CRITICAL· v3
5.0 MEDIUM· v2
A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. he integrated web server (Port 80/443/TCP) of...Show more
A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. he integrated web server (Port 80/443/TCP) of the affected devices could allow remote attackers to discover an administrative account. If default on device, it is not using a SSL in settings and if multiple request of the page "Access Control" (IP-address device/ups/pas_cont.htm) account data will be sent in cleartextShow less
CVE-2018-7245
1Schneider Electric
166074 Mge Network Management Card Transverse
Nov 21, 2024
Apr 18, 2018
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
An improper authorization vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server (Port 80/443/TCP) of the affected devices co...Show more
An improper authorization vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server (Port 80/443/TCP) of the affected devices could allow a remote attacker to change UPS control and shutdown parameters or other critical settings without authorization.Show less
CVE-2018-7244
1Schneider Electric
166074 Mge Network Management Card Transverse
Nov 21, 2024
Apr 18, 2018
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
An information disclosure vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server (Port 80/443/TCP) of the affected devices co...Show more
An information disclosure vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server (Port 80/443/TCP) of the affected devices could allow a remote attacker to obtain sensitive device information if network access was obtained.Show less
CVE-2018-7243
1Schneider Electric
166074 Mge Network Management Card Transverse
Nov 21, 2024
Apr 18, 2018
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
An authorization bypass vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server (Port 80/443/TCP) of the affected devices coul...Show more
An authorization bypass vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server (Port 80/443/TCP) of the affected devices could allow a remote attacker to get a full access to device, bypassing the authorization system.Show less