A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that
could cause the user to be tricked into performing unintended actions when external address
frames are not properly restricted.
Affected Products: NetBotz 4 - 355/450/455/550/570 (V4.7.0
and prior)
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
History
27 Apr 2023, 19:31
Type | Values Removed | Values Added |
---|---|---|
First Time |
Schneider-electric netbotz 570 Firmware
Schneider-electric netbotz 455 Schneider-electric netbotz 550 Firmware Schneider-electric netbotz 355 Firmware Schneider-electric netbotz 570 Schneider-electric netbotz 455 Firmware Schneider-electric netbotz 450 Schneider-electric netbotz 550 Schneider-electric Schneider-electric netbotz 450 Firmware Schneider-electric netbotz 355 |
|
CPE | cpe:2.3:h:schneider-electric:netbotz_550:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:netbotz_355_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:netbotz_355:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:netbotz_550_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:netbotz_570_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:netbotz_455_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:netbotz_455:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:netbotz_450_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:netbotz_450:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:netbotz_570:-:*:*:*:*:*:*:* |
|
References | (MISC) https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-312-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-312-01-NetBotz_4_Security_Notification.pdf - Patch, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
18 Apr 2023, 21:25
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-04-18 21:15
Updated : 2023-12-10 15:01
NVD link : CVE-2022-43378
Mitre link : CVE-2022-43378
CVE.ORG link : CVE-2022-43378
JSON object : View
Products Affected
schneider-electric
- netbotz_550
- netbotz_455_firmware
- netbotz_570
- netbotz_455
- netbotz_450_firmware
- netbotz_355
- netbotz_355_firmware
- netbotz_550_firmware
- netbotz_570_firmware
- netbotz_450
CWE
CWE-1021
Improper Restriction of Rendered UI Layers or Frames