PT-2016-5994 · Schneider Electric · Powermeter 800+1
Published
2016-06-26
·
Updated
2016-06-28
·
CVE-2016-4513
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
PowerLogic PM8ECC module version 2.651 and earlier for PowerMeter 800 devices
Description
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. This could potentially lead to unauthorized access or control of the affected devices.
Recommendations
For PowerLogic PM8ECC module version 2.651 and earlier, update to version 2.651 or later to resolve the issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Powerlogic Pm8Ecc
Powermeter 800