QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2023-31152

Back to search

CVE-2023-31152

Published: May 10, 2023

Modified: Jan 24, 2025

PUBLISHED

CVSS v3.1

4.0

MEDIUM

Description

An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface allows Authentication Bypass. See SEL Service Bulletin dated 2022-11-15 for more details.

VendorProductVersions

Schweitzer Engineering Laboratories

SEL-3505

affected
R147-V0 - < R150-V2
affected
R147-V0 - < R149-V4
affected
R147-V0 - < R148-V7
affected
R147-V0 - < R147-V6

Schweitzer Engineering Laboratories

SEL-3505-3

affected
R147-V0 - < R150-V2
affected
R147-V0 - < R149-V4
affected
R147-V0 - < R148-V7
affected
R147-V0 - < R147-V6

Schweitzer Engineering Laboratories

SEL-3530

affected
R147-V0 - < R150-V2
affected
R147-V0 - < R149-V4
affected
R147-V0 - < R148-V7
affected
R147-V0 - < R147-V6

Schweitzer Engineering Laboratories

SEL-3530-4

affected
R147-V0 - < R150-V2
affected
R147-V0 - < R149-V4
affected
R147-V0 - < R148-V7
affected
R147-V0 - < R147-V6

Schweitzer Engineering Laboratories

SEL-3532

affected
R147-V0 - < R150-V2
affected
R147-V0 - < R149-V4
affected
R147-V0 - < R148-V7
affected
R147-V0 - < R147-V6

Schweitzer Engineering Laboratories

SEL-3555

affected
R147-V0 - < R150-V2
affected
R147-V0 - < R149-V4
affected
R147-V0 - < R148-V7
affected
R147-V0 - < R147-V6

Schweitzer Engineering Laboratories

SEL-3560S

affected
R147-V0 - < R150-V2
affected
R147-V0 - < R149-V4
affected
R147-V0 - < R148-V7
affected
R147-V0 - < R147-V6

Schweitzer Engineering Laboratories

SEL-3560E

affected
R147-V0 - < R150-V2
affected
R147-V0 - < R149-V4
affected
R147-V0 - < R148-V7
affected
R147-V0 - < R147-V6

Schweitzer Engineering Laboratories

SEL-2241 RTAC module

affected
R147-V0 - < R150-V2
affected
R147-V0 - < R149-V4
affected
R147-V0 - < R148-V7
affected
R147-V0 - < R147-V6

Schweitzer Engineering Laboratories

SEL-3350

affected
R148-V0 - < R150-V2
affected
R148-V0 - < R149-V4
affected
R148-V0 - < R148-V7

Weaknesses (CWE)

CWE-288

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N

Attack Vector

Network

Attack Complexity

High

Privileges Required

High

User Interaction

Required

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now