Weak Password Requirements in Easergy Builder by Schneider Electric
CVE-2020-7519

7.5HIGH

Key Information:

Vendor: Schneider Electric
Status: Easergy Builder (version 1.4.7.2 And Older)
Vendor: CVE Published:; 23 July 2020

Summary

A vulnerability in Easergy Builder allows attackers to gain unauthorized access to user accounts due to inadequate password complexities. This weakness can lead to significant security risks, making it essential for users to implement strong password policies and regularly update their software to mitigate potential threats.

Affected Version(s)

Easergy Builder (Version 1.4.7.2 and older) Easergy Builder (Version 1.4.7.2 and older)

References

https://www.se.com/ww/en/download/document/SEVD-2020-161-05

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 23, 2020
Vulnerability Reserved
Jan 21, 2020