CVE-2021-35529

Опубликовано: 20 авг. 2021

Источник: nvd

CVSS3: 7.7

CVSS3: 7.2

CVSS2: 6.5

EPSS Низкий

Описание

Insufficiently Protected Credentials vulnerability in client environment of Hitachi ABB Power Grids Retail Operations and Counterparty Settlement Billing (CSB) allows an attacker or unauthorized user to access database credentials, shut down the product and access or alter. This issue affects: Hitachi ABB Power Grids Retail Operations version 5.7.2 and prior versions. Hitachi ABB Power Grids Counterparty Settlement Billing (CSB) version 5.7.2 and prior versions.

Ссылки

https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A5821&LanguageCode=en&DocumentPartId=&Action=Launch
Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A5933&LanguageCode=en&DocumentPartId=&Action=Launch
Vendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-236-02
Third Party Advisory
US Government Resource
https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A5821&LanguageCode=en&DocumentPartId=&Action=Launch
Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A5933&LanguageCode=en&DocumentPartId=&Action=Launch
Vendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-236-02
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hitachienergy:counterparty_settlement_and_billing:*:*:*:*:*:*:*:*

Версия до 5.7.3 (исключая)

cpe:2.3:a:hitachienergy:retail_operations:*:*:*:*:*:*:*:*

Версия до 5.7.3 (исключая)

EPSS

Процентиль: 52%

0.00295

Низкий

7.7 High

CVSS3

7.2 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-522

Связанные уязвимости

GHSA-6c6g-x473-fqjx

CVSS3: 7.2

github

больше 3 лет назад

EPSS

Процентиль: 52%

0.00295

Низкий

7.7 High

CVSS3

7.2 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-522