Cross site request forgery (csrf)

2018-06-0620:29:00

PRIOn knowledge base

www.prio-n.com

8.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.2%

JSON

In ABB IP GATEWAY 3.39 and prior, the web server does not sufficiently verify that a request was performed by the authenticated user, which may allow an attacker to launch a request impersonating that user.

CPENameOperatorVersion
ip_gateway_firmwarele3.39

CPE	Name	Operator	Version
	ip_gateway_firmware	le	3.39

References

www.securityfocus.com/bid/104388

ics-cert.us-cert.gov/advisories/ICSA-18-156-01