Schneider-electric Webreports — known CVE vulnerabilities
Every CVE whose affected-product data names Schneider-electric Webreports, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2020-7569 — CVSS 8.8 (high): A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1…
CVE-2020-7572 — CVSS 8.8 (high): A CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists in EcoStruxure Building Operation WebReports V1.9 -…
CVE-2020-7573 — CVSS 6.5 (medium): A CWE-284 Improper Access Control vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause a remote…
CVE-2020-7570 — CVSS 5.4 (medium): A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting Stored) vulnerability exists in EcoStruxure…
CVE-2020-7571 — CVSS 5.4 (medium): A CWE-79 Multiple Improper Neutralization of Input During Web Page Generation (Cross-site Scripting Reflected) vulnerability exists in…