CVE-2023-0595
Published on: Not Yet Published
Last Modified on: 04/18/2023 09:15:00 PM UTC
Certain versions of Clearscada from Schneider-electric contain the following vulnerability:
A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are sent to the Geo SCADA server's database web port (default 443). Affected products: EcoStruxure Geo SCADA Expert 2019, EcoStruxure Geo SCADA Expert 2020, EcoStruxure Geo SCADA Expert 2021(All Versions prior to October 2022), ClearSCADA (All Versions)
- CVE-2023-0595 has been assigned by
[email protected] to track the vulnerability - currently rated as MEDIUM severity. - Affected Vendor/Software: Schneider Electric - EcoStruxure Geo SCADA Expert 2019 version <= October 2022
- Affected Vendor/Software: Schneider Electric - EcoStruxure Geo SCADA Expert 2020 version <= October 2022
- Affected Vendor/Software: Schneider Electric - EcoStruxure Geo SCADA Expert 2021 version <= October 2022
- Affected Vendor/Software: Schneider Electric - ClearSCADA version = All Versions
CVSS3 Score: 5.3 - MEDIUM
| Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|---|---|---|---|
| NETWORK | LOW | NONE | NONE |
| Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
| UNCHANGED | NONE | LOW | NONE |
CVE References
| Description | Tags ⓘ | Link |
|---|---|---|
| Security Notification - EcoStruxure Geo SCADA Expert Security Security and Safety Notice | Schneider Electric | www.se.com text/html |
MISC www.se.com/ww/en/download/document/SEVD-2023-045-01/ |
| download.schneider-electric.com application/pdf Inactive LinkNot Archived |
MISC download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-045-01.pdf |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
- cpe:2.3:a:schneider-electric:clearscada:*:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:-:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7268.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7322.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7429.2:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7457.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7488.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7522.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7545.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7578.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7613.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7641.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7690.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7714.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7742.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7777.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7808.2:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7840.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7875.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7896.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7936.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.7980.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8015.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8108.2:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8122.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8155.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8172.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8197.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8220.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2019:81.8267.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:-:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7551.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7578.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7613.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7641.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7692.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7717.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7742.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7787.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7809.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7840.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7875.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7913.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7936.2:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.7980.2:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8017.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8108.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8122.2:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8155.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8181.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8197.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8221.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2020:83.8267.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:-:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8027.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8108.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8120.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8158.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8182.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8197.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8218.1:*:*:*:*:*:*:*:
- cpe:2.3:a:schneider-electric:ecostruxure_geo_scada_expert_2021:84.8269.1:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE
Social Mentions
| Source | Title | Posted (UTC) |
|---|---|---|
 @CVEreport |
CVE-2023-0595 : A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misint… twitter.com/i/web/status/1… | 2023-02-24 10:42:25 |