GCVE - cpe:2.3:a:schneider_electric_se:citect

Approved changes feed: RSS · Atom

cpe:2.3:a:schneider_electric_se:citect_anywhere:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Schneider Electric Se (`25d1a66d-bfb8-5d1c-9a6c-4a2405fe5386`)
Product	Citect Anywhere (`4a278f65-9117-5658-be3e-f3e2bb2219f1`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2017-7972`	vulnerable	2026-06-03 14:37:38.576960	Details available A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 that allows the ability to escape out of remote PowerSCADA Anywhere applications and launch other processes. Published: 2017-09-25T19:00:00.000Z Updated: 2024-09-16T17:59:07.360Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/99913 https://www.citect.schneider-electric.com/safety-and-security-central/36-security-notifications/9071-security-notification-citect-anywhere http://www.schneider-electric.com/en/download/document/SEVD-2017-173-01/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-7971`	vulnerable	2026-06-03 14:37:38.576535	Details available A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 that allows the use of outdated cipher suites and improper verification of peer SSL Certificate. Published: 2017-09-25T19:00:00.000Z Updated: 2024-09-16T22:15:34.585Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/99913 https://www.citect.schneider-electric.com/safety-and-security-central/36-security-notifications/9071-security-notification-citect-anywhere http://www.schneider-electric.com/en/download/document/SEVD-2017-173-01/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-7970`	vulnerable	2026-06-03 14:37:38.576068	Details available A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 that allows the ability to specify Arbitrary Server Target Nodes in connection requests to the Secure Gateway and Server components. Published: 2017-09-25T19:00:00.000Z Updated: 2024-09-17T02:56:33.769Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/99913 https://www.citect.schneider-electric.com/safety-and-security-central/36-security-notifications/9071-security-notification-citect-anywhere http://www.schneider-electric.com/en/download/document/SEVD-2017-173-01/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-7969`	vulnerable	2026-06-03 14:37:38.573469	Details available A cross-site request forgery vulnerability exists on the Secure Gateway component of Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 for multiple state-changing requests. This type of attack requires some level of social engineering in order to get a legitimate user to click on or access a malicious link/site containing the CSRF attack. Published: 2017-09-25T19:00:00.000Z Updated: 2024-09-17T01:30:49.504Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/99913 https://www.citect.schneider-electric.com/safety-and-security-central/36-security-notifications/9071-security-notification-citect-anywhere http://www.schneider-electric.com/en/download/document/SEVD-2017-173-01/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Citect Anywhere

PURL mappings

Vulnerability references

Contribute