Lucene search

[email protected]CVE-2022-34837

HistoryAug 24, 2022 - 4:15 p.m.

CVE-2022-34837

2022-08-2416:15:12

CWE-522

CWE-257

[email protected]

web.nvd.nist.gov

cve

2022

34837

storing passwords

recoverable format

abb zenon

nvd

6.2 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add more network clients that may monitor various activities of the Zenon.

Affected configurations

NVD

Node

abbzenonRange≤8.20

CPENameOperatorVersion
abb:zenonabb zenonle8.20

CPE	Name	Operator	Version
abb:zenon	abb zenon	le	8.20

CNA Affected

[
  {
    "product": "ABB Zenon",
    "vendor": "ABB",
    "versions": [
      {
        "lessThanOrEqual": "8.20",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

search.abb.com/library/Download.aspx?DocumentID=2NGA001479&LanguageCode=en&DocumentPartId=&Action=Launch

Social References

6.2 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Related for CVE-2022-34837

cvelist1 nvd1 prion1