PT-2023-2102 · Abb · Abb Infinity Dc Power Plant+1
Published
2023-03-16
·
Updated
2023-03-24
·
CVE-2022-26080
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:S/C:P/I:C/A:N |
Name of the Vulnerable Software and Affected Versions
ABB Pulsar Plus System Controller NE843 S
ABB Infinity DC Power Plant H5692448 G104
ABB Infinity DC Power Plant H5692448 G842
ABB Infinity DC Power Plant H5692448 G224L
ABB Infinity DC Power Plant H5692448 G630-4
ABB Infinity DC Power Plant H5692448 G451C(2)
ABB Infinity DC Power Plant H5692448 G461(2)
Description
The issue is related to the use of insufficiently random values, which can allow a remote attacker to gain unauthorized access to session identifiers.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Use of Insufficiently Random Values
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Abb Infinity Dc Power Plant
Abb Pulsar Plus System Controller