CVE-2018-5477

Опубликовано: 20 фев. 2018

Источник: nvd

CVSS3: 5.8

CVSS2: 5

EPSS Низкий

Описание

An Information Exposure issue was discovered in ABB netCADOPS Web Application Version 3.4 and prior, netCADOPS Web Application Version 7.1 and prior, netCADOPS Web Application Version 7.2x and prior, netCADOPS Web Application Version 8.0 and prior, and netCADOPS Web Application Version 8.1 and prior. A vulnerability exists in the password entry section of netCADOPS Web Application that may expose critical database information.

Ссылки

http://www.securityfocus.com/bid/103089
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-18-051-01
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/103089
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-18-051-01
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:abb:netcadops:*:*:*:*:*:*:*:*

Версия от 3.0 (включая) до 3.4 (включая)

cpe:2.3:a:abb:netcadops:*:*:*:*:*:*:*:*

Версия от 7.2.0 (включая) до 7.2.10 (исключая)

cpe:2.3:a:abb:netcadops:7.1:*:*:*:*:*:*:*

cpe:2.3:a:abb:netcadops:8.0:*:*:*:*:*:*:*

cpe:2.3:a:abb:netcadops:8.1:*:*:*:*:*:*:*

EPSS

Процентиль: 44%

0.00219

Низкий

5.8 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-87xh-fh5m-gf3x