CVE-2023-31161
Published: May 10, 2023
Modified: Jan 24, 2025
CVSS v3.1
5.9
Description
An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow an authenticated remote attacker to use internal resources, allowing a variety of potential effects. See SEL Service Bulletin dated 2022-11-15 for more details.
| Vendor | Product | Versions |
|---|---|---|
Schweitzer Engineering Laboratories | SEL-3532 | affected R143-V0 - < R150-V2affected R143-V0 - < R149-V4affected R143-V0 - < R148-V7affected R143-V0 - < R147-V6 |
Schweitzer Engineering Laboratories | SEL-3555 | affected R143-V0 - < R150-V2affected R143-V0 - < R149-V4affected R143-V0 - < R148-V7affected R143-V0 - < R147-V6 |
Schweitzer Engineering Laboratories | SEL-3560S | affected R144-V2 - < R150-V2affected R144-V2 - < R149-V4affected R144-V2 - < R148-V7affected R144-V2 - < R147-V6 |
Schweitzer Engineering Laboratories | SEL-3560E | affected R144-V2 - < R150-V2affected R144-V2 - < R149-V4affected R144-V2 - < R148-V7affected R144-V2 - < R147-V6 |
Schweitzer Engineering Laboratories | SEL-3350 | affected R148-V0 - < R150-V2affected R148-V0 - < R149-V4affected R148-V0 - < R148-V7 |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now