PT-2018-8432 · Abb · Abb Ip Gateway
Published
2018-06-06
·
Updated
2019-10-03
·
CVE-2017-7933
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
ABB IP GATEWAY versions 3.39 and prior
Description
The issue concerns configuration files that store passwords in plain-text, potentially allowing an attacker to gain unauthorized access.
Recommendations
For ABB IP GATEWAY versions 3.39 and prior, consider updating the configuration to store passwords securely, such as using encryption, until a patch is available. As a temporary workaround, restrict access to the configuration files to minimize the risk of exploitation.
Fix
Insufficiently Protected Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Abb Ip Gateway