An Improper Authentication vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote unauthenticated attacker to potentially perform session hijacking attack and bypass authentication.
See product Instruction Manual Appendix A dated 20230830 for more details.
An allocation of resources without limits or throttling vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote authenticated attacker to make the system unavailable for an indefinite amount of time.
See product Instruction Manual Appendix A dated 20230830 for more details.
An input validation vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote authenticated attacker to create a denial of service against the system and locking out services.
See product Instruction Manual Appendix A dated 20230830 for more details.
An Improper neutralization of input during web page generation in the Schweitzer Engineering Laboratories SEL-411L could allow an attacker to generate cross-site scripting based attacks against an authorized and authenticated user.
See product Instruction Manual Appendix A dated 20230830 for more details.
An Improper Input Validation vulnerability in Schweitzer Engineering Laboratories SEL-411L could allow an attacker to perform reflection attacks against an authorized and authenticated user.
See product Instruction Manual Appendix A dated 20230830 for more details.
An Insufficient Entropy vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow an unauthenticated remote attacker to brute-force session tokens and bypass authentication.
See product Instruction Manual Appendix A dated 20230830 for more details.
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in the Schweitzer Engineering Laboratories SEL-451 could allow an attacker to craft a link that could execute arbitrary code on a victim's system.
See product Instruction Manual Appendix A dated 20230830 for more details.
An improper input validation vulnerability in the Schweitzer Engineering Laboratories SEL-411L could allow a malicious actor to manipulate authorized users to click on a link that could allow undesired behavior.
See product Instruction Manual Appendix A dated 20230830 for more details.
An Improper Restriction of Rendered UI Layers or Frames in the Schweitzer Engineering Laboratories SEL-411L could allow an unauthenticated attacker to perform clickjacking based attacks against an authenticated and authorized user.
See product Instruction Manual Appendix A dated 20230830 for more details.
Insecure Inherited Permissions vulnerability in Schweitzer Engineering Laboratories SEL-5033 AcSELerator RTAC Software on Windows allows Leveraging/Manipulating Configuration File Search Paths.
See Instruction Manual Appendix A [Cybersecurity] tag dated 20230522 for more details.
This issue affects SEL-5033 AcSELerator RTAC Software: before 1.35.151.21000.