CVE-2023-31151: Improper Certificate Validation

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-31151

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Improper Certificate Validation

Source: NVD (National Vulnerability Database)

Vulnerability Description

An Improper Certificate Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote unauthenticated attacker to conduct a man-in-the-middle (MitM) attack. See SEL Service Bulletin dated 2022-11-15 for more details.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

证书验证不恰当

Source: NVD (National Vulnerability Database)

Vulnerability Title

Schweitzer Engineering Laboratories Real Time Automation Controller 信任管理问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Schweitzer Engineering Laboratories Real Time Automation Controller（SEL RTAC）是美国Schweitzer Engineering Laboratories公司的一个功能强大的多功能自动化平台。 Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC)存在安全漏洞，该漏洞源于数据库系统中以可恢复格式存储密码，远程攻击者利用该漏洞可以检

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
Schweitzer Engineering Laboratories	SEL-3505	R147-V0 ~ R150-V2	-
Schweitzer Engineering Laboratories	SEL-3505-3	R147-V0 ~ R150-V2	-
Schweitzer Engineering Laboratories	SEL-3530	R147-V0 ~ R150-V2	-
Schweitzer Engineering Laboratories	SEL-3530-4	R147-V0 ~ R150-V2	-
Schweitzer Engineering Laboratories	SEL-3532	R147-V0 ~ R150-V2	-
Schweitzer Engineering Laboratories	SEL-3555	R147-V0 ~ R150-V2	-
Schweitzer Engineering Laboratories	SEL-3560S	R147-V0 ~ R150-V2	-
Schweitzer Engineering Laboratories	SEL-3560E	R147-V0 ~ R150-V2	-
Schweitzer Engineering Laboratories	SEL-2241 RTAC module	R147-V0 ~ R150-V2	-
Schweitzer Engineering Laboratories	SEL-3350	R148-V0 ~ R150-V2	-

II. Public POCs for CVE-2023-31151

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2023-31151

Please Login to view more intelligence information

IV. Related Vulnerabilities

Same product: SEL-3505

Same vendor: Schweitzer Engineering Laboratories

Same weakness: CWE-295

V. Comments for CVE-2023-31151

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2023-31151

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2023-31151

III. Intelligence Information for CVE-2023-31151

IV. Related Vulnerabilities

V. Comments for CVE-2023-31151

Leave a comment