Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-34757

A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak cipher suites can be used for the SSH connection between Easergy Pro software and the device, which may allow an attacker to observe protected communication details. Affected Products: Easergy P5 (V01.401.102 and prior)

Published

2022-07-13T21:15:08.340

Last Modified

2024-11-21T07:10:07.670

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.7 (MEDIUM)

Weaknesses

Type: Primary
CWE-327

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	schneider-electric	easergy_p5_firmware	≤ 01.401.102	Yes
Hardware	schneider-electric	easergy_p5	-	No

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-193-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-04_Easergy_P5_Security_Notification.pdf Patch, Vendor Advisory ([email protected])
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-193-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-04_Easergy_P5_Security_Notification.pdf Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)