PT-2018-8431 · Abb · Abb Ip Gateway

Published

2018-06-06

Updated

2019-10-09

CVE-2017-7931

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ABB IP GATEWAY versions 3.39 and prior

Description A malicious user can access configuration files and application pages without authentication by accessing a specific uniform resource locator (URL) on the web server.

Recommendations For ABB IP GATEWAY versions 3.39 and prior, consider restricting access to the web server until a fix is available. As a temporary workaround, limit access to the specific uniform resource locator (URL) that allows unauthorized access to configuration files and application pages.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2017-7931

Affected Products

Abb Ip Gateway

PT-2018-8431 · Abb · Abb Ip Gateway

CVE-2017-7931

Weakness Enumeration

Related Identifiers

Affected Products

References · 4