CVE-2020-7573 – Schneider Electric Strux

Vulnerability Description: Improper Access Control
Software Version: Schneider Electric StruxureWare Building Operation WebReports versions 1.9 – 3.1.
NIST:  https://nvd.nist.gov/vuln/detail/CVE-2020-7573
CVSv3: 6.5
Severity: Medium
Credits: Alessandro Bosco, Luca Di Giuseppe, Alessandro Sabetta, Massimiliano Brolli

A remote non-authenticated attacker is able to access a restricted web resource due to improper access control.