{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T09:42:14.640","vulnerabilities":[{"cve":{"id":"CVE-2020-7545","sourceIdentifier":"cybersecurity@se.com","published":"2020-12-01T15:15:12.297","lastModified":"2024-11-21T05:37:21.233","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A CWE-284:Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow for arbitrary code execution on the server when an authorized user access an affected webpage."},{"lang":"es","value":"Una CWE-284: Se presenta una vulnerabilidad Control de Acceso Inapropiado en el Software EcoStruxureª y SmartStruxureª Power Monitoring and SCADA (véase la notificación de seguridad para la información de la versión) que podría permitir una ejecución de código arbitraria en el servidor cuando un usuario autorizado accede a una página web afectada"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cybersecurity@se.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:ecostruxure_energy_expert:2.0:*:*:*:*:*:*:*","matchCriteriaId":"CDF7DFC6-6F41-491B-A703-6AB0143FE5B1"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:ecostruxure_power_monitoring_expert:7.0:*:*:*:*:*:*:*","matchCriteriaId":"6819EA7A-C803-480F-98DF-44DA144FE488"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:ecostruxure_power_monitoring_expert:8.0:*:*:*:*:*:*:*","matchCriteriaId":"66E928C4-87C8-4BD6-9131-B7D558330CBA"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:ecostruxure_power_monitoring_expert:9.0:*:*:*:*:*:*:*","matchCriteriaId":"0BEB4F4B-0B22-47CA-B173-C06C1A925348"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:power_manager:1.1:*:*:*:*:*:*:*","matchCriteriaId":"2FC0093C-00CE-43A8-80EC-0509992E637B"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:power_manager:1.2:*:*:*:*:*:*:*","matchCriteriaId":"CE9A1DF0-42B8-4123-8276-1D4BED156034"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:power_manager:1.3:*:*:*:*:*:*:*","matchCriteriaId":"54A54A8D-40F5-4E75-A524-B81E487DB274"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:powerscada_expert_with_advanced_reporting_and_dashboards:8.0:*:*:*:*:*:*:*","matchCriteriaId":"3CC2CF9D-8D0C-4FD3-94A2-34A63E297B81"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:powerscada_operation_with_advanced_reporting_and_dashboards:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DC8F406C-868A-443C-8842-6CFFFF17C236"}]}]}],"references":[{"url":"https://www.se.com/ww/en/download/document/SEVD-2020-287-04/","source":"cybersecurity@se.com","tags":["Vendor Advisory"]},{"url":"https://www.se.com/ww/en/download/document/SEVD-2020-287-04/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}