CVE-2018-7797

Published: Dec 17, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

A URL redirection vulnerability exists in Power Monitoring Expert, Energy Expert (formerly Power Manager) - EcoStruxure Power Monitoring Expert (PME) v8.2 (all editions), EcoStruxure Energy Expert 1.3 (formerly Power Manager), EcoStruxure Power SCADA Operation (PSO) 8.2 Advanced Reports and Dashboards Module, EcoStruxure Power Monitoring Expert (PME) v9.0, EcoStruxure Energy Expert v2.0, and EcoStruxure Power SCADA Operation (PSO) 9.0 Advanced Reports and Dashboards Module which could cause a phishing attack when redirected to a malicious site.

Vendor	Product	Versions
Schneider Electric SE	Power Monitoring Expert, Energy Expert (formerly Power Manager) - EcoStruxureª Power Monitoring Expert (PME) v8.2 (all editions), EcoStruxureª Energy Expert 1.3 (formerly Power Manager), EcoStruxureª Power SCADA Operation (PSO) 8.2 Advanced Reports and Dashboards Module, EcoStruxureª Power Monitoring Expert (PME) v9.0, EcoStruxureª Energy Expert v2.0, and EcoStruxureªPower SCADA Operation (PSO) 9.0 Advanced Reports and Dashboards Module	affected `EcoStruxure&#xaa` affected `Power Monitoring Expert (PME) v8.2 (all editions), EcoStruxure&#xaa` affected `Energy Expert 1.3 (formerly Power Manager), EcoStruxure&#xaa` affected `Power SCADA Operation (PSO) 8.2 Advanced Reports and Dashboards Module, EcoStruxure&#xaa` affected `Power Monitoring Expert (PME) v9.0, EcoStruxure&#xaa` +2 more versions

References

106277

vdb-entry

x_refsource_BID

https://www.schneider-electric.com/en/download/document/SEVD-2018-347-01/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-7797

Description

Affected Products

References