Lucene search

ABBCVELIST:CVE-2022-34838

HistoryJul 26, 2022 - 12:00 a.m.

CVE-2022-34838 ABB Ability TM Operations Data Management Zenon Zenon Log Server file access control

2022-07-2600:00:00

CWE-257

ABB

www.cve.org

8.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

8.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.8%

JSON

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. Once such engineering data is used the data visualization will be altered for the end user.

CNA Affected

[
  {
    "product": "ABB Zenon",
    "vendor": "ABB",
    "versions": [
      {
        "lessThanOrEqual": "8.20",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

search.abb.com/library/Download.aspx?DocumentID=2NGA001479&LanguageCode=en&DocumentPartId=&Action=Launch

8.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

8.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.8%

JSON

Related for CVELIST:CVE-2022-34838