High severity7.5NVD Advisory· Published Feb 19, 2021· Updated May 29, 2026
CVE-2021-22703
CVE-2021-22703
Description
A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause disclosure of user credentials when a malicious actor intercepts HTTP network traffic between a user and the device.
Affected products
12cpe:2.3:o:schneider-electric:powerlogic_ion7400_firmware:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:schneider-electric:powerlogic_ion7400_firmware:*:*:*:*:*:*:*:*range: <3.0.0
- (no CPE)
- cpe:2.3:o:schneider-electric:powerlogic_ion7650_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:powerlogic_ion8300_firmware:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:schneider-electric:powerlogic_ion8300_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:powerlogic_ion9000_firmware:*:*:*:*:*:*:*:*range: <3.0.0
cpe:2.3:o:schneider-electric:powerlogic_ion8400_firmware:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:schneider-electric:powerlogic_ion8400_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:powerlogic_ion8500_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:powerlogic_ion8600_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:powerlogic_ion8650_firmware:*:*:*:*:*:*:*:*range: <=4.31.2
- cpe:2.3:o:schneider-electric:powerlogic_ion8800_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:powerlogic_pm8000_firmware:*:*:*:*:*:*:*:*Range: <3.0.0
- Schneider Electric/PowerLogicdescription
Patches
Vulnerability mechanics
References
1- www.se.com/ww/en/download/document/SEVD-2021-040-01/nvdMitigationVendor Advisory
News mentions
0No linked articles in our index yet.