{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-7561","assignerOrgId":"076d1eb6-cfab-4401-b34d-6dfc2a413bdb","assignerShortName":"schneider","dateUpdated":"2024-08-04T09:33:19.875Z","dateReserved":"2020-01-21T00:00:00.000Z","datePublished":"2020-11-19T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"076d1eb6-cfab-4401-b34d-6dfc2a413bdb","shortName":"schneider","dateUpdated":"2022-10-28T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T300 (with firmware 2.7 and older) that could cause a wide range of problems, including information exposure, denial of service, and command execution when access to a resource from an attacker is not restricted or incorrectly restricted."}],"affected":[{"vendor":"n/a","product":"Easergy T300 with firmware 2.7 and older","versions":[{"version":"Easergy T300 with firmware 2.7 and older","status":"affected"}]}],"references":[{"url":"https://www.se.com/ww/en/download/document/SEVD-2020-315-06/"},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-343-03"}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-284:Improper Access Control","cweId":"CWE-284"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T09:33:19.875Z"},"title":"CVE Program Container","references":[{"url":"https://www.se.com/ww/en/download/document/SEVD-2020-315-06/","tags":["x_transferred"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-343-03","tags":["x_transferred"]}]}]}}