CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7561

A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T300 (with firmware 2.7 and older) that could cause a wide range of problems, including information exposure, denial of service, and command execution when access to a resource from an attacker is not restricted or incorrectly restricted.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.016

EPSS Ranking 80.6%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2020-7561

Schneider-Electric » Easergy T300 » Version: N/A

cpe:2.3:h:schneider-electric:easergy_t300:-
Schneider-Electric » Easergy T300 Firmware » Version: N/A

cpe:2.3:o:schneider-electric:easergy_t300_firmware:-
Schneider-Electric » Easergy T300 Firmware » Version: 1.5.2

cpe:2.3:o:schneider-electric:easergy_t300_firmware:1.5.2
Schneider-Electric » Easergy T300 Firmware » Version: 2.7

cpe:2.3:o:schneider-electric:easergy_t300_firmware:2.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7561

Products

Pricing

Contact Us