Lucene search
This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.OT_500406.NASLHistoryAug 10, 2021 - 12:00 a.m.
Abb Base Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
2021-08-1000:00:00
This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
7
0.0004 Low
EPSS
Percentile
12.7%
Insufficient protection of the inter-process communication functions in ABB System 800xA products OPC Server for AC 800M, MMS Server for AC 800M and Base Software for SoftControl (all published versions) enables an attacker authenticated on the local system to inject data, affecting the online view of runtime data shown in Control Builder.
File data ot_500406.nasl| Vendor | Product | Version | CPE |
|---|---|---|---|
| abb | base_software | * | cpe:2.3:a:abb:base_software:*:*:*:*:*:softcontrol:*:* |
| abb | mms_server | * | cpe:2.3:a:abb:mms_server:*:*:*:*:*:*:*:* |
| abb | opc_server | * | cpe:2.3:a:abb:opc_server:*:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2020-04-29 02:15:00
cve
cve
CVE-2020-8478
2020-04-29 02:15:11
nvd
nvd
CVE-2020-8478
2020-04-29 02:15:11
cvelist
cvelist
CVE-2020-8478 ABB System 800xA Inter process communication vulnerability
2020-04-29 01:58:54
ics
ics
ABB Multiple System 800xA Products
2020-06-02 12:00:00