CVE-2023-2265

AnImproper Restriction of Rendered UI Layers or Frames in the Schweitzer Engineering Laboratories SEL-411L could allow an unauthenticated attacker to perform clickjacking based attacks against an authenticated and authorized user.



See product Instruction Manual Appendix A dated 20230830 for more details.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
SELCNA
4.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 35%
VendorProductVersion
selincsel-411l_firmware
r118-v0 ≤
𝑥
< r118-v4
selincsel-411l_firmware
r119-v0 ≤
𝑥
< r119-v5
selincsel-411l_firmware
r120-v0 ≤
𝑥
< r120-v6
selincsel-411l_firmware
r121-v0 ≤
𝑥
< r121-v3
selincsel-411l_firmware
r122-v0 ≤
𝑥
< r122-v3
selincsel-411l_firmware
r123-v0 ≤
𝑥
< r123-v3
selincsel-411l_firmware
r124-v0 ≤
𝑥
< r124-v3
selincsel-411l_firmware
r125-v0 ≤
𝑥
< r125-v3
selincsel-411l_firmware
r126-v0 ≤
𝑥
< r126-v4
selincsel-411l_firmware
r127-v0 ≤
𝑥
< r127-v2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://selinc.com/support/security-notifications/external-reports/
https://selinc.com/support/security-notifications/external-reports/