CVE-2023-28003
published 2023-04-18CVE-2023-28003: A CWE-613: Insufficient Session Expiration vulnerability exists that could allow an attacker to maintain unauthorized access over a hijacked session in PME…
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
A CWE-613: Insufficient Session Expiration vulnerability exists that could allow an attacker to
maintain unauthorized access over a hijacked session in PME after the legitimate user has
signed out of their account.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| schneider-electric | ecostruxure_power_monitoring_expert | <= 2022 | — |
| schneider_electric | ecostruxure_power_monitoring_expert | All – PME 2022 | — |