Unrated severityNVD Advisory· Published Dec 18, 2019· Updated Aug 5, 2024

CVE-2019-18267

Description

An issue was found in GE S2020/S2020G Fast Switch 61850, S2020/S2020G Fast Switch 61850 Versions 07A03 and prior. An attacker can inject arbitrary Javascript in a specially crafted HTTP request that may be reflected back in the HTTP response. The device is also vulnerable to a stored cross-site scripting vulnerability that may allow session hijacking, disclosure of sensitive data, cross-site request forgery (CSRF) attacks, and remote code execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

GE/S2020/S2020G Fast Switch 61850description
Ge/S2020/S2020G Fast Switch 61850llm-create
Range: <= 07A03

Patches

Vulnerability mechanics

References

www.us-cert.gov/ics/advisories/icsa-19-351-01mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000