{"cve":{"cve_id":"CVE-2023-0595","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00417,"epss_percentile":0.33237,"epss_as_of":"2026-06-23","description":"A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are sent to the Geo SCADA server's database web port (default 443). Affected products: EcoStruxure Geo SCADA Expert 2019, EcoStruxure Geo SCADA Expert 2020, EcoStruxure Geo SCADA Expert 2021(All Versions prior to October 2022), ClearSCADA (All Versions)\n\n","published_at":"2023-02-24T00:00:00Z","last_modified_at":null,"cvss_v3_score":5.3,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss_v3_severity":"MEDIUM","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"none","ssvc_automatable":true,"ssvc_technical_impact":"partial","cwes":["CWE-117"],"nvd_references":["https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-045-01.pdf"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-29T01:23:47.661067Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"N","value_label":"None"},{"metric":"I","name":"Integrity","value":"L","value_label":"Low"},{"metric":"A","name":"Availability","value":"N","value_label":"None"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"schneider-electric","vendor_name":"Schneider Electric","product_slug":"clearscada","product_name":"ClearSCADA","version_start":"All  Versions","version_start_inclusive":true,"version_end":"All  Versions","version_end_inclusive":true,"cpe23_uri":"cve5:schneider-electric:clearscada:All  Versions:All  Versions"},{"vendor_slug":"schneider-electric","vendor_name":"Schneider Electric","product_slug":"ecostruxure-geo-scada-expert-2019","product_name":"EcoStruxure Geo SCADA Expert 2019","version_start":"All","version_start_inclusive":true,"version_end":"October 2022","version_end_inclusive":true,"cpe23_uri":"cve5:schneider-electric:ecostruxure-geo-scada-expert-2019:All:October 2022"},{"vendor_slug":"schneider-electric","vendor_name":"Schneider Electric","product_slug":"ecostruxure-geo-scada-expert-2020","product_name":"EcoStruxure Geo SCADA Expert 2020","version_start":"All","version_start_inclusive":true,"version_end":"October 2022","version_end_inclusive":true,"cpe23_uri":"cve5:schneider-electric:ecostruxure-geo-scada-expert-2020:All:October 2022"},{"vendor_slug":"schneider-electric","vendor_name":"Schneider Electric","product_slug":"ecostruxure-geo-scada-expert-2021","product_name":"EcoStruxure Geo SCADA Expert 2021","version_start":"All ","version_start_inclusive":true,"version_end":"October 2022","version_end_inclusive":true,"cpe23_uri":"cve5:schneider-electric:ecostruxure-geo-scada-expert-2021:All :October 2022"}],"exploit_refs":[],"news":[],"references":[{"url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-045-01.pdf","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2023-02-24T00:00:00Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:25:38.989709Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:25:38.989709Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:25:38.989709Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T01:23:47.661067Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:23:47.661067Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:23:47.661067Z","label":"SSVC decision revised","source":"vulnrichment"}]}