Sel 3505 Firmware
Approved changes feed: RSS · Atom
cpe:2.3:o:selinc:sel-3505_firmware:*:*:*:*:*:*:*:*
part: o version: * update: *
| Vendor | Selinc (e63d0bf7-b1b6-57e8-b404-39515cb45629) |
|---|---|
| Product | Sel 3505 Firmware (95f74606-8983-565d-92cc-60c651ff72a4) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-31166 |
vulnerable | 2026-06-03 14:51:54.754496 |
Improper Limitation of a Pathname to a Restricted Directory
MEDIUM (4.1)
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to create folders in arbitrary paths of the file system.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:25:59.606Z
Updated: 2025-01-24T19:28:19.480Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31165 |
vulnerable | 2026-06-03 14:51:54.752740 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:25:34.186Z
Updated: 2025-01-24T19:27:55.295Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31164 |
vulnerable | 2026-06-03 14:51:54.751233 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:25:16.534Z
Updated: 2025-01-24T19:27:38.573Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31163 |
vulnerable | 2026-06-03 14:51:54.749619 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:24:45.965Z
Updated: 2025-01-24T19:27:13.760Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31162 |
vulnerable | 2026-06-03 14:51:54.747916 |
Improper Input Validation in Web Interface
MEDIUM (4.8)
An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to arbitrarily alter the content of a configuration file.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:24:20.480Z
Updated: 2025-01-24T19:26:55.712Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31160 |
vulnerable | 2026-06-03 14:51:54.744799 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:23:43.200Z
Updated: 2025-01-24T19:19:25.906Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31159 |
vulnerable | 2026-06-03 14:51:54.743350 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:23:29.182Z
Updated: 2025-01-24T19:10:07.456Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31158 |
vulnerable | 2026-06-03 14:51:54.741782 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:23:15.171Z
Updated: 2025-01-24T19:09:47.546Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31157 |
vulnerable | 2026-06-03 14:51:54.740388 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:22:58.877Z
Updated: 2025-01-24T19:09:33.094Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31156 |
vulnerable | 2026-06-03 14:51:54.738961 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:22:44.225Z
Updated: 2025-01-24T19:08:49.377Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31155 |
vulnerable | 2026-06-03 14:51:54.737580 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:22:32.651Z
Updated: 2025-01-24T19:05:41.753Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31154 |
vulnerable | 2026-06-03 14:51:54.736128 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:22:18.749Z
Updated: 2025-01-24T19:05:24.335Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31153 |
vulnerable | 2026-06-03 14:51:54.734559 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:22:06.307Z
Updated: 2025-01-24T19:05:05.448Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31152 |
vulnerable | 2026-06-03 14:51:54.732971 |
Authentication Bypass Using an Alternate Path or Channel
MEDIUM (4)
An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface allows Authentication Bypass.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:21:50.029Z
Updated: 2025-01-24T19:04:25.192Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31151 |
vulnerable | 2026-06-03 14:51:54.731370 |
Improper Certificate Validation
MEDIUM (4.7)
An Improper Certificate Validation vulnerability
in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface
could allow a remote unauthenticated attacker to conduct a man-in-the-middle (MitM) attack.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:21:30.649Z
Updated: 2025-01-24T19:04:04.464Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31150 |
vulnerable | 2026-06-03 14:51:54.729855 |
Storing Passwords in a Recoverable Format
HIGH (8)
A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) database system could allow an authenticated attacker to retrieve passwords.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:21:07.126Z
Updated: 2025-01-27T18:17:15.598Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31149 |
vulnerable | 2026-06-03 14:51:54.728070 |
Improper Input Validation in Web Interface
CRITICAL (9.1)
An Improper Input Validation vulnerability
in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute arbitrary code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:20:16.373Z
Updated: 2025-01-27T18:18:20.153Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31148 |
vulnerable | 2026-06-03 14:51:54.719442 |
Improper Input Validation in Web Interface
CRITICAL (9.1)
An Improper Input Validation vulnerability
in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute arbitrary code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:20:03.147Z
Updated: 2025-01-27T18:19:19.558Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-2310 |
vulnerable | 2026-06-03 14:51:42.826905 |
Channel Accessible by Non-Endpoint
MEDIUM (6.8)
A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL Real-Time Automation Controller (RTAC) could allow a remote attacker to perform a man-in-the-middle (MiTM) that could result in denial of service.
See the ACSELERATOR RTAC SEL-5033 Software instruction manual date code 20210915 for more details.
Published: 2023-05-10T19:18:43.806Z
Updated: 2025-01-27T18:20:35.192Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.