Filtered by vendor Schneider-electric Subscriptions
Filtered by product Powerlogic Ion9000 Firmware Subscriptions
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-22702 1 Schneider-electric 24 Powerlogic Ion7300, Powerlogic Ion7300 Firmware, Powerlogic Ion7400 and 21 more 2024-08-03 7.5 High
A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION7700/73xx, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause disclosure of user credentials when a malicious actor intercepts Telnet network traffic between a user and the device.
CVE-2021-22701 1 Schneider-electric 21 Powerlogic Ion7400, Powerlogic Ion7400 Firmware, Powerlogic Ion7410 and 18 more 2024-08-03 4.5 Medium
A CWE-352: Cross-Site Request Forgery vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause a user to perform an unintended action on the target device when using the HTTP web interface.
CVE-2021-22703 1 Schneider-electric 20 Powerlogic Ion7400, Powerlogic Ion7400 Firmware, Powerlogic Ion7650 and 17 more 2024-08-03 7.5 High
A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause disclosure of user credentials when a malicious actor intercepts HTTP network traffic between a user and the device.
CVE-2021-22714 1 Schneider-electric 6 Powerlogic Ion7400, Powerlogic Ion7400 Firmware, Powerlogic Ion9000 and 3 more 2024-08-03 9.8 Critical
A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION7400, PM8000 and ION9000 (All versions prior to V3.0.0), which could cause the meter to reboot or allow for remote code execution.
CVE-2022-46680 1 Schneider-electric 10 Powerlogic Ion7400, Powerlogic Ion7400 Firmware, Powerlogic Ion8650 and 7 more 2024-08-03 8.8 High
A CWE-319: Cleartext transmission of sensitive information vulnerability exists that could cause disclosure of sensitive information, denial of service, or modification of data if an attacker is able to intercept network traffic.