CVE-2023-34388

Summary

An Improper Authentication vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote unauthenticated attacker to potentially perform session hijacking attack and bypass authentication.

See product Instruction Manual Appendix A dated 20230830 for more details.

Affected Software

VendorProductVersion RangeStatus
Schweitzer Engineering LaboratoriesSEL-451R315-V0 < R315-V4affected
Schweitzer Engineering LaboratoriesSEL-451R316-V0 < R316-V4affected
Schweitzer Engineering LaboratoriesSEL-451R317-V0 < R317-V4affected
Schweitzer Engineering LaboratoriesSEL-451R318-V0 < R318-V5affected
Schweitzer Engineering LaboratoriesSEL-451R320-V0 < R320-V3affected
Schweitzer Engineering LaboratoriesSEL-451R321-V0 < R321-V3affected
Schweitzer Engineering LaboratoriesSEL-451R322-V0 < R322-V3affected
Schweitzer Engineering LaboratoriesSEL-451R323-V0 < R323-V5affected
Schweitzer Engineering LaboratoriesSEL-451R324-V0 < R324-V4affected
Schweitzer Engineering LaboratoriesSEL-451R325-V0 < R325-V3affected
Schweitzer Engineering LaboratoriesSEL-451R326-V0 < R326-V1affected
Schweitzer Engineering LaboratoriesSEL-451R327-V0 < R327-V1affected

Weaknesses

  • CWE-287: CWE-287 Improper Authentication

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References