The vulnerability of the online service for managing enterprise assets and planning resources in resource-intensive industries like Ellipse EAM lies in its lack of protection for the website structure. This allows attackers to manipulate the content of the website.

🗓️ 30 Mar 2021 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

The online asset management service lacks website structure protection, enabling remote manipulation.

Reporter	Title	Published	Views	Family All 11
CNNVD	Ellipse Enterprise Asset Management跨站脚本漏洞	2 Mar 202100:00	–	cnnvd
CVE	CVE-2021-27414	11 Mar 202217:54	–	cve
Cvelist	CVE-2021-27414 User interface misrepresentation of critical information in Hitachi ABB Power Grids Ellipse EAM	11 Mar 202217:54	–	cvelist
EUVD	EUVD-2021-14168	7 Oct 202500:30	–	euvd
ICS	Hitachi ABB Power Grids Ellipse EAM	2 Mar 202100:00	–	ics
NVD	CVE-2021-27414	11 Mar 202218:15	–	nvd
OSV	CVE-2021-27414	11 Mar 202218:15	–	osv
Prion	Authentication flaw	11 Mar 202218:15	–	prion
Positive Technologies	PT-2021-2366 · Hitachi Abb Power Grids · Ellipse Enterprise Asset Management	3 Mar 202100:00	–	ptsecurity
RedhatCVE	CVE-2021-27414	22 May 202519:31	–	redhatcve

Vulners

Node

abb ellipse_eamMatch9.0.25

Source	Link
us-cert	www.us-cert.gov/ics/advisories/icsa-21-061-01
cybersecurity-help	www.cybersecurity-help.cz/vulnerabilities/51182/
web	www.web.nvd.nist.gov/view/vuln/detail

30 Mar 2021 00:00Current

6.3Medium risk

Vulners AI Score6.3

CVSS 34.6

CVSS 25.5

EPSS0.00551

website structure protection remote manipulation asset management service enterprise asset management