CVE-2019-18250

Sažetak

In all versions of ABB Power Generation Information Manager (PGIM) and Plant Connect, the affected product is vulnerable to authentication bypass, which may allow an attacker to remotely bypass authentication and extract credentials from the affected device.

Reference

https://www.us-cert.gov/ics/advisories/icsa-19-318-05
https://iotsecuritynews.com/abb-power-generation-information-manager-pgim-and-plant-connect/

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

29-10-2021 - 19:11

Objavljeno

26-11-2019 - 00:15