Unrated severityNVD Advisory· Published Feb 9, 2022· Updated Aug 3, 2024
CVE-2022-22808
CVE-2022-22808
Description
A CWE-352: Cross-Site Request Forgery (CSRF) exists that could cause a remote attacker to gain unauthorized access to the product when conducting cross-domain attacks based on same-origin policy or cross-site request forgery protections bypass. Affected Product: EcoStruxure EV Charging Expert (formerly known as EVlink Load Management System): (HMIBSCEA53D1EDB, HMIBSCEA53D1EDS, HMIBSCEA53D1EDM, HMIBSCEA53D1EDL, HMIBSCEA53D1ESS, HMIBSCEA53D1ESM, HMIBSCEA53D1EML) (All Versions prior to SP8 (Version 01) V4.0.0.13)
Affected products
2- Schneider Electric/EcoStruxure EV Charging Expertdescription
- Range: < V4.0.0.13
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.