CVE-2023-0595

CWE-117CWE-1163 documents3 sources
Severity
5.3MEDIUM
EPSS
0.4%
top 42.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Schneider Electric Ecostruxure GEO Scada Expert 2019Schneider Electric Ecostruxure GEO Scada Expert 2020Schneider Electric Ecostruxure GEO Scada Expert 2021+4 more
Timeline
PublishedFeb 24

Description

A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are sent to the Geo SCADA server's database web port (default 443). Affected products: EcoStruxure Geo SCADA Expert 2019, EcoStruxure Geo SCADA Expert 2020, EcoStruxure Geo SCADA Expert 2021(All Versions prior to October 2022), ClearSCADA (All Versions)

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages7 packages

🔴Vulnerability Details

2
CVEList
CVE-2023-0595: A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are2023-02-24
GHSA
GHSA-27q3-84pw-qmf2: A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are2023-02-24
CVE-2023-0595 (MEDIUM CVSS 5.3) | A CWE-117: Improper Output Neutrali | cvebase.io