Lucene search

ABBCVELIST:CVE-2022-34837

HistoryJul 26, 2022 - 12:00 a.m.

CVE-2022-34837 ABB Ability TM Operations Data Management Zenon Zenon Log Server file access control

2022-07-2600:00:00

CWE-257

ABB

www.cve.org

6.2 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

JSON

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add more network clients that may monitor various activities of the Zenon.

CNA Affected

[
  {
    "product": "ABB Zenon",
    "vendor": "ABB",
    "versions": [
      {
        "lessThanOrEqual": "8.20",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

search.abb.com/library/Download.aspx?DocumentID=2NGA001479&LanguageCode=en&DocumentPartId=&Action=Launch

6.2 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2022-34837