Lucene search

ABBCVELIST:CVE-2022-34837

HistoryAug 24, 2022 - 3:14 p.m.

CVE-2022-34837 ABB Ability TM Operations Data Management Zenon Zenon Log Server file access control

2022-08-2415:14:33

CWE-257

ABB

www.cve.org

cve-2022-34837

abb zenon

operations data management

CVSS3

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

AI Score

6.5

Confidence

High

EPSS

Percentile

12.6%

JSON

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add more network clients that may monitor various activities of the Zenon.

CNA Affected

[
  {
    "product": "ABB Zenon",
    "vendor": "ABB",
    "versions": [
      {
        "lessThanOrEqual": "8.20",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

search.abb.com/library/Download.aspx?DocumentID=2NGA001479&LanguageCode=en&DocumentPartId=&Action=Launch

CVSS3

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

AI Score

6.5

Confidence

High

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2022-34837