In ABB IP GATEWAY 3.39 and prior, the web server does not sufficiently verify that a request was performed by the authenticated user, which may allow an attacker to launch a request impersonating that user.
[
{
"product": "ABB IP GATEWAY",
"vendor": "ICS-CERT",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 3.39"
}
]
}
]