In ABB IP GATEWAY 3.39 and prior, by accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access the configuration files and application pages without authentication.
[
{
"product": "ABB IP GATEWAY",
"vendor": "ICS-CERT",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 3.39"
}
]
}
]