CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7547

A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow a user the ability to perform actions via the web interface at a higher privilege level.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.2%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

Products affected by CVE-2020-7547

Schneider-Electric » Ecostruxure Energy Expert » Version: 2.0

cpe:2.3:a:schneider-electric:ecostruxure_energy_expert:2.0
Schneider-Electric » Ecostruxure Power Monitoring Expert » Version: 7.0

cpe:2.3:a:schneider-electric:ecostruxure_power_monitoring_expert:7.0
Schneider-Electric » Ecostruxure Power Monitoring Expert » Version: 8.0

cpe:2.3:a:schneider-electric:ecostruxure_power_monitoring_expert:8.0
Schneider-Electric » Ecostruxure Power Monitoring Expert » Version: 9.0

cpe:2.3:a:schneider-electric:ecostruxure_power_monitoring_expert:9.0
Schneider-Electric » Power Manager » Version: 1.1

cpe:2.3:a:schneider-electric:power_manager:1.1
Schneider-Electric » Power Manager » Version: 1.2

cpe:2.3:a:schneider-electric:power_manager:1.2
Schneider-Electric » Power Manager » Version: 1.3

cpe:2.3:a:schneider-electric:power_manager:1.3
Schneider-Electric » Powerscada Expert With Advanced Reporting And Dashboards » Version: 8.0

cpe:2.3:a:schneider-electric:powerscada_expert_with_advanced_reporting_and_dashboards:8.0
Schneider-Electric » Powerscada Operation With Advanced Reporting And Dashboards » Version: 9.0

cpe:2.3:a:schneider-electric:powerscada_operation_with_advanced_reporting_and_dashboards:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7547

Products

Pricing

Contact Us