Powerlogic_pm8000_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Powerlogic_pm8000_firmware
(Schneider\-Electric)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	5

Date	Id	Summary	Products	Score	Patch	Annotated
2021-02-19	CVE-2021-22703	A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause disclosure of user credentials when a malicious actor intercepts HTTP network traffic between a user and the device.	Powerlogic_ion7400_firmware, Powerlogic_ion7650_firmware, Powerlogic_ion8300_firmware, Powerlogic_ion8400_firmware, Powerlogic_ion8500_firmware, Powerlogic_ion8600_firmware, Powerlogic_ion8650_firmware, Powerlogic_ion8800_firmware, Powerlogic_ion9000_firmware, Powerlogic_pm8000_firmware	7.5
2021-02-19	CVE-2021-22701	A CWE-352: Cross-Site Request Forgery vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause a user to perform an unintended action on the target device when using the HTTP web interface.	Powerlogic_ion7400_firmware, Powerlogic_ion7650_firmware, Powerlogic_ion8300_firmware, Powerlogic_ion8400_firmware, Powerlogic_ion8500_firmware, Powerlogic_ion8600_firmware, Powerlogic_ion8650_firmware, Powerlogic_ion8800_firmware, Powerlogic_ion9000_firmware, Powerlogic_pm8000_firmware	4.5
2021-02-19	CVE-2021-22702	A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION7700/73xx, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause disclosure of user credentials when a malicious actor intercepts Telnet network traffic between a user and the device.	Powerlogic_ion7300_firmware, Powerlogic_ion7400_firmware, Powerlogic_ion7650_firmware, Powerlogic_ion7700_firmware, Powerlogic_ion8300_firmware, Powerlogic_ion8400_firmware, Powerlogic_ion8500_firmware, Powerlogic_ion8600_firmware, Powerlogic_ion8650_firmware, Powerlogic_ion8800_firmware, Powerlogic_ion9000_firmware, Powerlogic_pm8000_firmware	7.5
2021-03-11	CVE-2021-22714	A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION7400, PM8000 and ION9000 (All versions prior to V3.0.0), which could cause the meter to reboot or allow for remote code execution.	Powerlogic_ion7400_firmware, Powerlogic_ion9000_firmware, Powerlogic_pm8000_firmware	9.8
2023-05-22	CVE-2022-46680	A CWE-319: Cleartext transmission of sensitive information vulnerability exists that could cause disclosure of sensitive information, denial of service, or modification of data if an attacker is able to intercept network traffic.	Powerlogic_ion7400_firmware, Powerlogic_ion8650_firmware, Powerlogic_ion8800_firmware, Powerlogic_ion9000_firmware, Powerlogic_pm8000_firmware	9.8