CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-3001

A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that could cause an interpretation of malicious payload data, potentially leading to remote code execution when an attacker gets the user to open a malicious file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.046

EPSS Ranking 88.7%

CVSS Severity

CVSS v3 Score 7.8

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-02.pdf
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-02.pdf

Products affected by CVE-2023-3001

Schneider-Electric » Igss Dashboard » Version: N/A

cpe:2.3:a:schneider-electric:igss_dashboard:-
Schneider-Electric » Igss Dashboard » Version: 16.0.0.23040

cpe:2.3:a:schneider-electric:igss_dashboard:16.0.0.23040
Schneider-Electric » Igss Dashboard » Version: 16.0.0.23130

cpe:2.3:a:schneider-electric:igss_dashboard:16.0.0.23130

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-3001

Products

Pricing

Contact Us