A Permissions, Privileges, and Access Controls issue was discovered in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for React versions 2.1.3 and prior. The web application does not properly restrict privileges of the Guest account. A malicious user may be able to gain access to configuration information that should be restricted.
References
Link | Resource |
---|---|
http://search.abb.com/library/Download.aspx?DocumentID=9AKK107045A1977&LanguageCode=en&DocumentPartId=&Action=Launch | Vendor Advisory |
http://www.securityfocus.com/bid/99558 | Third Party Advisory VDB Entry |
https://ics-cert.us-cert.gov/advisories/ICSA-17-192-03 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2017-08-07T08:00:00
Updated: 2017-08-07T09:57:02
Reserved: 2017-04-18T00:00:00
Link: CVE-2017-7916
JSON object: View
NVD Information
Status : Modified
Published: 2017-08-07T08:29:00.197
Modified: 2019-10-09T23:29:57.593
Link: CVE-2017-7916
JSON object: View
Redhat Information
No data.