{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-24T16:58:22.653","vulnerabilities":[{"cve":{"id":"CVE-2020-7547","sourceIdentifier":"cybersecurity@se.com","published":"2020-12-01T15:15:12.657","lastModified":"2024-11-21T05:37:21.470","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow a user the ability to perform actions via the web interface at a higher privilege level."},{"lang":"es","value":"Una CWE-284: Se presenta una vulnerabilidad Control de Acceso Inapropiado en el Software EcoStruxureª y SmartStruxureª Power Monitoring and SCADA (véase la notificación de seguridad para la información de la versión) que podría permitir a un usuario la habilidad para llevar a cabo acciones por medio de la interfaz web en un nivel de privilegio elevado"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cybersecurity@se.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:ecostruxure_energy_expert:2.0:*:*:*:*:*:*:*","matchCriteriaId":"CDF7DFC6-6F41-491B-A703-6AB0143FE5B1"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:ecostruxure_power_monitoring_expert:7.0:*:*:*:*:*:*:*","matchCriteriaId":"6819EA7A-C803-480F-98DF-44DA144FE488"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:ecostruxure_power_monitoring_expert:8.0:*:*:*:*:*:*:*","matchCriteriaId":"66E928C4-87C8-4BD6-9131-B7D558330CBA"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:ecostruxure_power_monitoring_expert:9.0:*:*:*:*:*:*:*","matchCriteriaId":"0BEB4F4B-0B22-47CA-B173-C06C1A925348"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:power_manager:1.1:*:*:*:*:*:*:*","matchCriteriaId":"2FC0093C-00CE-43A8-80EC-0509992E637B"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:power_manager:1.2:*:*:*:*:*:*:*","matchCriteriaId":"CE9A1DF0-42B8-4123-8276-1D4BED156034"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:power_manager:1.3:*:*:*:*:*:*:*","matchCriteriaId":"54A54A8D-40F5-4E75-A524-B81E487DB274"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:powerscada_expert_with_advanced_reporting_and_dashboards:8.0:*:*:*:*:*:*:*","matchCriteriaId":"3CC2CF9D-8D0C-4FD3-94A2-34A63E297B81"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:powerscada_operation_with_advanced_reporting_and_dashboards:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DC8F406C-868A-443C-8842-6CFFFF17C236"}]}]}],"references":[{"url":"https://www.se.com/ww/en/download/document/SEVD-2020-287-04/","source":"cybersecurity@se.com","tags":["Vendor Advisory"]},{"url":"https://www.se.com/ww/en/download/document/SEVD-2020-287-04/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}