Sel 3505 3
Approved changes feed: RSS · Atom
cpe:2.3:a:schweitzer_engineering_laboratories:sel-3505-3:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Schweitzer Engineering Laboratories (d1368798-4a69-5cdf-937e-18f5ef408253) |
|---|---|
| Product | Sel 3505 3 (ee1723d3-dbc3-5b88-8ef8-c4403e026c12) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-31166 |
vulnerable | 2026-06-03 14:51:54.754129 |
Improper Limitation of a Pathname to a Restricted Directory
MEDIUM (4.1)
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to create folders in arbitrary paths of the file system.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:25:59.606Z
Updated: 2025-01-24T19:28:19.480Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31165 |
vulnerable | 2026-06-03 14:51:54.752502 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:25:34.186Z
Updated: 2025-01-24T19:27:55.295Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31164 |
vulnerable | 2026-06-03 14:51:54.750872 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:25:16.534Z
Updated: 2025-01-24T19:27:38.573Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31163 |
vulnerable | 2026-06-03 14:51:54.749373 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:24:45.965Z
Updated: 2025-01-24T19:27:13.760Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31162 |
vulnerable | 2026-06-03 14:51:54.746843 |
Improper Input Validation in Web Interface
MEDIUM (4.8)
An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to arbitrarily alter the content of a configuration file.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:24:20.480Z
Updated: 2025-01-24T19:26:55.712Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31160 |
vulnerable | 2026-06-03 14:51:54.744563 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:23:43.200Z
Updated: 2025-01-24T19:19:25.906Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31159 |
vulnerable | 2026-06-03 14:51:54.742910 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:23:29.182Z
Updated: 2025-01-24T19:10:07.456Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31158 |
vulnerable | 2026-06-03 14:51:54.741419 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:23:15.171Z
Updated: 2025-01-24T19:09:47.546Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31157 |
vulnerable | 2026-06-03 14:51:54.740138 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:22:58.877Z
Updated: 2025-01-24T19:09:33.094Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31156 |
vulnerable | 2026-06-03 14:51:54.738606 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:22:44.225Z
Updated: 2025-01-24T19:08:49.377Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31155 |
vulnerable | 2026-06-03 14:51:54.737340 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:22:32.651Z
Updated: 2025-01-24T19:05:41.753Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31154 |
vulnerable | 2026-06-03 14:51:54.735730 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:22:18.749Z
Updated: 2025-01-24T19:05:24.335Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31153 |
vulnerable | 2026-06-03 14:51:54.734219 |
Improper Neutralization of Input During Web Page Generation
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:22:06.307Z
Updated: 2025-01-24T19:05:05.448Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31152 |
vulnerable | 2026-06-03 14:51:54.732600 |
Authentication Bypass Using an Alternate Path or Channel
MEDIUM (4)
An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface allows Authentication Bypass.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:21:50.029Z
Updated: 2025-01-24T19:04:25.192Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31151 |
vulnerable | 2026-06-03 14:51:54.731002 |
Improper Certificate Validation
MEDIUM (4.7)
An Improper Certificate Validation vulnerability
in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface
could allow a remote unauthenticated attacker to conduct a man-in-the-middle (MitM) attack.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:21:30.649Z
Updated: 2025-01-24T19:04:04.464Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31150 |
vulnerable | 2026-06-03 14:51:54.729392 |
Storing Passwords in a Recoverable Format
HIGH (8)
A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) database system could allow an authenticated attacker to retrieve passwords.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:21:07.126Z
Updated: 2025-01-27T18:17:15.598Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31149 |
vulnerable | 2026-06-03 14:51:54.727818 |
Improper Input Validation in Web Interface
CRITICAL (9.1)
An Improper Input Validation vulnerability
in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute arbitrary code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:20:16.373Z
Updated: 2025-01-27T18:18:20.153Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31148 |
vulnerable | 2026-06-03 14:51:54.707783 |
Improper Input Validation in Web Interface
CRITICAL (9.1)
An Improper Input Validation vulnerability
in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute arbitrary code.
See SEL Service Bulletin dated 2022-11-15 for more details.
Published: 2023-05-10T19:20:03.147Z
Updated: 2025-01-27T18:19:19.558Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.