CVE-2020-28218

Medium

A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists in Easergy T300 (firmware 2.7 and older), that would…

schneider·CWE-1021·Published 2020-12-11

CVSS

6.5

EPSS

0.01

KEV

Exploits

cve.orgen

210 chars

A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to trick a user into initiating an unintended action.

NVDen

210 chars

NVDes

287 chars

Una CWE-1021: Se presenta una vulnerabilidad de Restricción Inapropiada de las Capas o Tramas de la Interfaz de Usuario Renderizada en Easergy T300 (versiones de firmware 2.7 y anteriores), que podría permitir a un atacante engañar a un usuario para que inicie una acción no intencionada

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N