PT-2018-8431 · Abb · Abb Ip Gateway

Publicado

2018-06-06

Atualizado

2019-10-09

CVE-2017-7931

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ABB IP GATEWAY versions 3.39 and prior

Description A malicious user can access configuration files and application pages without authentication by accessing a specific uniform resource locator (URL) on the web server.

Recommendations For ABB IP GATEWAY versions 3.39 and prior, consider restricting access to the web server until a fix is available. As a temporary workaround, limit access to the specific uniform resource locator (URL) that allows unauthorized access to configuration files and application pages.

Correção

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2017-7931

Produtos afetados

Abb Ip Gateway

PT-2018-8431 · Abb · Abb Ip Gateway

CVE-2017-7931

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4