Описание
In all versions of ABB Power Generation Information Manager (PGIM) and Plant Connect, the affected product is vulnerable to authentication bypass, which may allow an attacker to remotely bypass authentication and extract credentials from the affected device.
Ссылки
- Not ApplicablePermissions RequiredThird Party AdvisoryUS Government Resource
- Third Party Advisory
- Not ApplicablePermissions RequiredThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Одно из
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
Связанные уязвимости
In all versions of ABB Power Generation Information Manager (PGIM) and Plant Connect, the affected product is vulnerable to authentication bypass, which may allow an attacker to remotely bypass authentication and extract credentials from the affected device.
Уязвимость программных средств для сбора, архивирования и анализа данных предприятий Power Generation Information Manager и Plant Connect, связанная с недостаточной защитой регистрационных данных, позволяющая нарушителю обойти процедуру аутентификации и получить доступ к учётным данным устройства
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2