Schneider-electric Custom Reports — known CVE vulnerabilities
Every CVE whose affected-product data names Schneider-electric Custom Reports, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2023-27980 — CVSS 8.8 (high): A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow the creation…
CVE-2023-27982 — CVSS 8.8 (high): A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause manipulation of…
CVE-2023-27981 — CVSS 7.8 (high): A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Custom Reports that could cause a remote code…
CVE-2023-27984 — CVSS 7.8 (high): A CWE-20: Improper Input Validation vulnerability exists in Custom Reports that could cause a macro to be executed, potentially leading to…
CVE-2023-27978 — CVSS 7.8 (high): A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that could cause an interpretation of malicious…
CVE-2023-27979 — CVSS 6.5 (medium): A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could allow the renaming of files in…
CVE-2023-27983 — CVSS 6.5 (medium): A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow deletion of…
CVE-2023-27977 — CVSS 6.5 (medium): A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause access to delete files…