Filtered by vendor Schneider-electric Subscriptions
Filtered by product Powerlogic Ion8650 Subscriptions
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-46680 1 Schneider-electric 10 Powerlogic Ion7400, Powerlogic Ion7400 Firmware, Powerlogic Ion8650 and 7 more 2024-11-21 8.8 High
A CWE-319: Cleartext transmission of sensitive information vulnerability exists that could cause disclosure of sensitive information, denial of service, or modification of data if an attacker is able to intercept network traffic.
CVE-2021-22713 1 Schneider-electric 21 Ion7650 Firmware, Powerlogic Ion7300, Powerlogic Ion7300 Firmware and 18 more 2024-11-21 7.5 High
A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION8650, ION8800, ION7650, ION7700/73xx, and ION83xx/84xx/85xx/8600 (see security notifcation for affected versions), which could cause the meter to reboot.
CVE-2021-22703 1 Schneider-electric 20 Powerlogic Ion7400, Powerlogic Ion7400 Firmware, Powerlogic Ion7650 and 17 more 2024-11-21 7.5 High
A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause disclosure of user credentials when a malicious actor intercepts HTTP network traffic between a user and the device.
CVE-2021-22702 1 Schneider-electric 24 Powerlogic Ion7300, Powerlogic Ion7300 Firmware, Powerlogic Ion7400 and 21 more 2024-11-21 7.5 High
A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION7700/73xx, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause disclosure of user credentials when a malicious actor intercepts Telnet network traffic between a user and the device.
CVE-2021-22701 1 Schneider-electric 21 Powerlogic Ion7400, Powerlogic Ion7400 Firmware, Powerlogic Ion7410 and 18 more 2024-11-21 4.5 Medium
A CWE-352: Cross-Site Request Forgery vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause a user to perform an unintended action on the target device when using the HTTP web interface.