Vulnerability Name: | CVE-2018-5477 (CCN-139257) | ||||||||||||
Assigned: | 2018-02-20 | ||||||||||||
Published: | 2018-02-20 | ||||||||||||
Updated: | 2019-10-09 | ||||||||||||
Summary: | An Information Exposure issue was discovered in ABB netCADOPS Web Application Version 3.4 and prior, netCADOPS Web Application Version 7.1 and prior, netCADOPS Web Application Version 7.2x and prior, netCADOPS Web Application Version 8.0 and prior, and netCADOPS Web Application Version 8.1 and prior. A vulnerability exists in the password entry section of netCADOPS Web Application that may expose critical database information. | ||||||||||||
CVSS v3 Severity: | 5.8 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N) 5.1 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C)
5.1 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||||||
Vulnerability Type: | CWE-200 | ||||||||||||
Vulnerability Consequences: | Obtain Information | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2018-5477 Source: CCN Type: ABB Cyber Security Advisory 9AKK107045A9236 netCADOPS Web Application Source: BID Type: Third Party Advisory, VDB Entry 103089 Source: CCN Type: BID-103089 ABB netCADOPS Web Application CVE-2018-5477 Information Disclosure Vulnerability Source: XF Type: UNKNOWN abb-netcadops-cve20185477-info-disc(139257) Source: MISC Type: Third Party Advisory, US Government Resource https://ics-cert.us-cert.gov/advisories/ICSA-18-051-01 | ||||||||||||
Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
BACK |