CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-30238

A CWE-287: Improper Authentication vulnerability exists that could allow an attacker to take over the admin account when an attacker hijacks a session. Affected Products: Wiser Smart, EER21000 & EER21001 (V4.5 and prior)

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 36.2%

CVSS Severity

CVSS v3 Score 8.3

CVSS v2 Score 7.5

References

https://www.se.com/ww/en/download/document/SEVD-2022-130-03/
https://www.se.com/ww/en/download/document/SEVD-2022-130-03/

Products affected by CVE-2022-30238

Schneider-Electric » Wiser Smart Eer21000 » Version: N/A

cpe:2.3:h:schneider-electric:wiser_smart_eer21000:-
Schneider-Electric » Wiser Smart Eer21001 » Version: N/A

cpe:2.3:h:schneider-electric:wiser_smart_eer21001:-
Schneider-Electric » Wiser Smart Eer21000 Firmware » Version: 4.5

cpe:2.3:o:schneider-electric:wiser_smart_eer21000_firmware:4.5
Schneider-Electric » Wiser Smart Eer21001 Firmware » Version: 4.5

cpe:2.3:o:schneider-electric:wiser_smart_eer21001_firmware:4.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-30238

Products

Pricing

Contact Us