Lucene search

ABBCVELIST:CVE-2020-11646

HistoryOct 15, 2020 - 2:59 p.m.

CVE-2020-11646 GateManager Log Information Disclosure Vulnerability

2020-10-1514:59:26

CWE-532

ABB

www.cve.org

gatemanager

log information

disclosure

b&r

vulnerability

authenticated users

reserved information

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

4.4

Confidence

High

EPSS

0.001

Percentile

22.7%

JSON

A log information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions <9.2.620236042 allows authenticated users to view log information reserved for other users.

CNA Affected

[
  {
    "product": "GateManager",
    "vendor": "B&R",
    "versions": [
      {
        "lessThan": "9.0.20262",
        "status": "affected",
        "version": "4260",
        "versionType": "custom"
      },
      {
        "lessThan": "9.0.20262",
        "status": "affected",
        "version": "9250",
        "versionType": "custom"
      },
      {
        "lessThan": "9.2.620236042",
        "status": "affected",
        "version": "8250",
        "versionType": "custom"
      }
    ]
  }
]

References

us-cert.cisa.gov/ics/advisories/icsa-20-273-03

www.br-automation.com/downloads_br_productcatalogue/assets/1600003183751-de-original-1.0.pdf

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

4.4

Confidence

High

EPSS

0.001

Percentile

22.7%

JSON

Related for CVELIST:CVE-2020-11646