Authorization Bypass Vulnerability in StruxureWare Data Center Expert from Schneider Electric
CVE-2023-25548
8.8HIGH
Key Information:
- Vendor
Schneider Electric
- Vendor
- CVE Published:
- 18 April 2023
What is CVE-2023-25548?
A vulnerability has been identified in StruxureWare Data Center Expert that allows low privileged users to access sensitive device credentials. This weakness arises from insufficient security measures on specific DCE endpoints, potentially leading to unauthorized access. Organizations utilizing earlier versions of the software should address this issue to ensure proper security controls are in place to protect against unauthorized credential access.
Affected Version(s)
StruxureWare Data Center Expert All