Improper input validation could lead to reflection injection attacks
CVE-2023-2267

5.4MEDIUM

What is CVE-2023-2267?

An Improper Input Validation vulnerability in Schweitzer Engineering Laboratories SEL-411L could allow an attacker to perform reflection attacks against an authorized and authenticated user.

See product Instruction Manual Appendix A dated 20230830 for more details.

Affected Version(s)

SEL-411L R118-V0

SEL-411L R119-V0

SEL-411L R120-V0

References

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Sushant Mane, Parul Sindhwad, Imran Jamadar & Dr. Faruk Kazi from CoE-CNDS Lab, VJTI, Mumbai, India.
.
CVE-2023-2267 : Improper input validation could lead to reflection injection attacks