CPE-21B8D9BF-4AB6-44A7-B718-47A82C353E1A Detail

CPE Details

Schneider Electric Sage 1410

Vendor

schneider-electric

Product

sage_1410

Version

Created

2018-09-24
13h49 +00:00

Modified

2018-09-24
13h49 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:h:schneider-electric:sage_1410:-:::::::*

Informations

Vendor

schneider-electric

Product

sage_1410

Version

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2024-37040	2024-06-12 16h56 +00:00	CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability exists that could allow a user with access to the device’s web interface to cause a fault on the device when sending a malformed HTTP request.	8.1	High
CVE-2024-37039	2024-06-12 16h54 +00:00	CWE-252: Unchecked Return Value vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request.	7.5	High
CVE-2024-37038	2024-06-12 16h51 +00:00	CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated user with access to the device’s web interface to perform unauthorized file and firmware uploads when crafting custom web requests.	8.8	High
CVE-2024-37037	2024-06-12 16h50 +00:00	CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability exists that could allow an authenticated user with access to the device’s web interface to corrupt files and impact device functionality when sending a crafted HTTP request.	8.1	High
CVE-2024-37036	2024-06-12 16h48 +00:00	CWE-787: Out-of-bounds Write vulnerability exists that could result in an authentication bypass when sending a malformed POST request and particular configuration parameters are set.	9.8	Critical
CVE-2024-5560	2024-06-12 16h45 +00:00	CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service of the device’s web interface when an attacker sends a specially crafted HTTP request.	7.5	High
CVE-2015-6485	2016-03-12 01h00 +00:00	Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2, allow remote attackers to obtain sensitive information from device memory by reading a padding field of an Ethernet packet.	5.3	Medium
CVE-2015-3963	2015-08-03 23h00 +00:00	Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.	5.8

Schneider Electric Sage 1410

CPE Details

CPE Name: cpe:2.3:h:schneider-electric:sage_1410:-:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:h:schneider-electric:sage_1410:-:::::::*