CVE-2021-22278

🗓️ 28 Oct 2021 12:45:58Reported by ABBType

A certificate validation vulnerability in PCM600 Update Manager allows attacker to install unwanted software packages

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2021-22278	28 Oct 202116:17	–	circl
CNNVD	Abb Pcm600信任管理问题漏洞	28 Oct 202100:00	–	cnnvd
Cvelist	CVE-2021-22278 Certificate verification vulnerability in Update Manager of PCM600 Engineering Tool	28 Oct 202112:45	–	cvelist
EUVD	EUVD-2021-9424	3 Oct 202520:07	–	euvd
ICS	Hitachi Energy PCM600 Update Manager	2 Dec 202100:00	–	ics
NVD	CVE-2021-22278	28 Oct 202113:15	–	nvd
OSV	CVE-2021-22278	28 Oct 202113:15	–	osv
Prion	Design/Logic Flaw	28 Oct 202113:15	–	prion
Positive Technologies	PT-2021-14929 · Unknown · Pcm600 Update Manager	28 Oct 202100:00	–	ptsecurity

NVD

Node

abb update_managerMatch2.1

abb update_managerMatch2.1.0.4

abb update_managerMatch2.2

abb update_managerMatch2.2.0.1

abb update_managerMatch2.2.0.2

abb update_managerMatch2.2.0.23

abb update_managerMatch2.3.0.60

abb update_managerMatch2.4.20041.1

abb update_managerMatch2.4.20119.2

Node

abb update_managerRange2.7–2.10

AND

hitachienergy pcm600Match-

[
  {
    "product": "PCM600",
    "vendor": "ABB",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "2.7",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "2.10",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "PCM600 Update Manager",
    "vendor": "ABB",
    "versions": [
      {
        "status": "affected",
        "version": "2.1"
      },
      {
        "status": "affected",
        "version": "2.1.0.4"
      },
      {
        "status": "affected",
        "version": "2.2"
      },
      {
        "status": "affected",
        "version": "2.2.0.1"
      },
      {
        "status": "affected",
        "version": "2.2.0.2"
      },
      {
        "status": "affected",
        "version": "2.2.0.23"
      },
      {
        "status": "affected",
        "version": "2.3.0.60"
      },
      {
        "status": "affected",
        "version": "2.4.20041.1"
      },
      {
        "status": "affected",
        "version": "2.4.20119.2"
      }
    ]
  },
  {
    "product": "PCM600",
    "vendor": "Hitachi Energy",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "2.7",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "2.10",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "PCM600 Update Manager",
    "vendor": "Hitachi Energy",
    "versions": [
      {
        "status": "affected",
        "version": "2.1"
      },
      {
        "status": "affected",
        "version": "2.1.0.4"
      },
      {
        "status": "affected",
        "version": "2.2"
      },
      {
        "status": "affected",
        "version": "2.2.0.1"
      },
      {
        "status": "affected",
        "version": "2.2.0.2"
      },
      {
        "status": "affected",
        "version": "2.2.0.23"
      },
      {
        "status": "affected",
        "version": "2.3.0.60"
      },
      {
        "status": "affected",
        "version": "2.4.20041.1"
      },
      {
        "status": "affected",
        "version": "2.4.20119.2"
      }
    ]
  }
]

Source	Link
search	www.search.abb.com/library/Download.aspx
search	www.search.abb.com/library/Download.aspx

21 Nov 2024 05:49Current

6.5Medium risk

Vulners AI Score6.5

CVSS 24.6

CVSS 3.16.7

EPSS0.00018

CWE-295