4 matches found
CVE-2017-7906
The CVE-2017-7906 entry concerns ABB IP Gateway, versions 3.39 and earlier. The vulnerability is a Cross-Site Request Forgery (CSRF) in the web server, which does not sufficiently verify that a request is performed by the authenticated user, enabling an attacker to perform actions impersonating t...
CVE-2017-7933
CVE-2017-7933 affects ABB IP Gateway versions 3.39 and earlier. The vulnerability arises from passwords stored in plain-text in configuration files, enabling an attacker to gain unauthorized access over the network. The issue is categorized under unprotected storage of credentials (CWE-256) and i...
CVE-2017-7931
The CVE describes an authentication flaw in ABB IP Gateway (versions up to 3.39). Attackers could access configuration files and application pages without authentication by requesting a specific URL on the web server. The issue affects ABB IP Gateway, a building-management system, with the ICSA a...