Description
A CWE-319: Cleartext transmission of sensitive information vulnerability exists that could cause disclosure of sensitive information, denial of service, or modification of data if an attacker is able to intercept network traffic.
CVSS Metrics
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Attack Vector
- network
- Complexity
- low
- Privileges
- none
- User Action
- required
- Scope
- unchanged
- Confidentiality
- high
- Integrity
- high
- Availability
- high
- Weaknesses
- CWE-319
Metadata
- Primary Vendor
- SCHNEIDER-ELECTRIC
- Published
- 5/22/2023
- Last Modified
- 11/21/2024
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
schneider-electric : powerlogic_ion9000_firmwareschneider-electric : powerlogic_ion7400_firmwareschneider-electric : powerlogic_pm8000_firmwareschneider-electric : powerlogic_ion8650_firmwareschneider-electric : powerlogic_ion8800_firmware
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.