Design/Logic Flaw

2018-12-1722:29:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

38.9%

JSON

A URL redirection vulnerability exists in Power Monitoring Expert, Energy Expert (formerly Power Manager) - EcoStruxure Power Monitoring Expert (PME) v8.2 (all editions), EcoStruxure Energy Expert 1.3 (formerly Power Manager), EcoStruxure Power SCADA Operation (PSO) 8.2 Advanced Reports and Dashboards Module, EcoStruxure Power Monitoring Expert (PME) v9.0, EcoStruxure Energy Expert v2.0, and EcoStruxure Power SCADA Operation (PSO) 9.0 Advanced Reports and Dashboards Module which could cause a phishing attack when redirected to a malicious site.

CPENameOperatorVersion
ecostruxure_energy_experteq2.0
ecostruxure_energy_experteq1.3
ecostruxure_power_monitoring_experteq9.0
ecostruxure_power_monitoring_experteq8.2
ecostruxure_power_scada_operationeq9.0
ecostruxure_power_scada_operationeq8.2

Name	Operator	Version
ecostruxure_energy_expert	eq	2.0
ecostruxure_energy_expert	eq	1.3
ecostruxure_power_monitoring_expert	eq	9.0
ecostruxure_power_monitoring_expert	eq	8.2
ecostruxure_power_scada_operation	eq	9.0
ecostruxure_power_scada_operation	eq	8.2

References

www.securityfocus.com/bid/106277

www.schneider-electric.com/en/download/document/SEVD-2018-347-01/

0.001 Low

EPSS

Percentile

38.9%

JSON

Related for PRION:CVE-2018-7797