Schneider Electric Netbotz 4 355 450 455 550 570 vulnerabilities
3 known vulnerabilities affecting schneider_electric/netbotz_4_355_450_455_550_570.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2022-43377HIGHCVSS 7.5vV4.7.0 and prior2023-04-18
CVE-2022-43377 [HIGH] CWE-307 CVE-2022-43377:
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that
could cause account takeover when a brute force attack is performed on the account.
Affected Products: NetBotz 4 - 355/450/455/550/570 (V4.7.0
and prior)
cvelistv5nvd
CVE-2022-43378MEDIUMCVSS 6.5vV4.7.0 and prior2023-04-18
CVE-2022-43378 [MEDIUM] CWE-1021 CVE-2022-43378:
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that
co
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that
could cause the user to be tricked into performing unintended actions when external address
frames are not properly restricted.
Affected Products: NetBotz 4 - 355/450/455/550/570 (V4.7.0
and prior)
cvelistv5nvd
CVE-2022-43376MEDIUMCVSS 6.1vV4.7.0 and prior2023-04-18
CVE-2022-43376 [MEDIUM] CWE-79 CVE-2022-43376:
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site
Scripting') vu
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site
Scripting') vulnerability exists that could cause code and session manipulation when malicious
code is inserted into the browser.
Affected Products: NetBotz 4 - 355/450/455/550/570 (V4.7.0
and prior)
cvelistv5nvd