VDB
CVE-2022-30238
CVE-2022-30238
PUBLISHED
CVSS 8.300000190734863 HIGH
A CWE-287: Improper Authentication vulnerability exists that could allow an attacker to take over the admin account when an attacker hijacks a session. Affected Products: Wiser Smart, EER21000 & EER21001 (V4.5 and prior)
EPSS 0.36% · 58.0th percentile
Risk Scores
CVSS v3.1
8.300000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
EPSS Score
0.36%
58.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| schneider-electric | wiser_smart_eer21001_firmware | 0 |
| Schneider Electric | Wiser Smart | EER21000, EER21001 |
| schneider-electric | wiser_smart_eer21000_firmware | 0 |
Timeline
- May 10, 2022 CVE Published
- Jun 3, 2022 EPSS Score
- Jul 22, 2022 EPSS Score
- Aug 22, 2022 CVE Updated
- Sep 9, 2022 EPSS Score
- Oct 27, 2022 EPSS Score
- Dec 15, 2022 EPSS Score
- Feb 1, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 21, 2023 EPSS Score
- May 9, 2023 EPSS Score
- Jun 26, 2023 EPSS Score
References
- https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-130-01_PowerLogic_ION_Setup_Security_Notification.pdf&p_Doc_Ref=SEVD-2022-130-01 advisory
- https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-130-02_Saitel_DP_RTU_Security_Notification.pdf&p_Doc_Ref=SEVD-2022-130-02 advisory
- https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2021-313-05_Badalloc_Vulnerabilities_Security_Notification_V7.0.pdf&p_Doc_Ref=SEVD-2021-313-05 advisory
- https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-130-03_WiserSmart_Security_Notification.pdf&p_Doc_Ref=SEVD-2022-130-03 advisory
- https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2021-313-03_APC_NMC_Security_Notification_V2.0.pdf&p_Doc_Ref=SEVD-2021-313-03 advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-067-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-067-02_APC-Smart-UPS_Security_Notification_V6.0.pdf advisory
- https://www.se.com/ww/en/download/document/SEVD-2022-130-03/ url
- https://nvd.nist.gov/vuln/detail/CVE-2022-30238 advisory
- https://www.se.com/ww/en/download/document/SEVD-2022-130-03 url