CVE-2023-2264

An improper input validation vulnerability in the Schweitzer Engineering Laboratories SEL-411L could allow a malicious actor to manipulate authorized users to click on a link that could allow undesired behavior.



See product Instruction Manual Appendix A dated 20230830 for more details.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
SELCNA
4 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
VendorProductVersion
selincsel-411l_firmware
r118-v0 ≤
𝑥
< r118-v4
selincsel-411l_firmware
r119-v0 ≤
𝑥
< r119-v5
selincsel-411l_firmware
r120-v0 ≤
𝑥
< r120-v6
selincsel-411l_firmware
r121-v0 ≤
𝑥
< r121-v3
selincsel-411l_firmware
r122-v0 ≤
𝑥
< r122-v3
selincsel-411l_firmware
r123-v0 ≤
𝑥
< r123-v3
selincsel-411l_firmware
r124-v0 ≤
𝑥
< r124-v3
selincsel-411l_firmware
r125-v0 ≤
𝑥
< r125-v3
selincsel-411l_firmware
r126-v0 ≤
𝑥
< r126-v4
selincsel-411l_firmware
r127-v0 ≤
𝑥
< r127-v2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://selinc.com/support/security-notifications/external-reports/
https://selinc.com/support/security-notifications/external-reports/