In S+ Operations and S+ Historian, not all client commands correctly check user permission as expected. Authenticated but Unauthorized remote users could execute a Denial-of-Service (DoS) attack, execute arbitrary code, or obtain more privilege than intended on the machines.
References
Link | Resource |
---|---|
https://search.abb.com/library/Download.aspx?DocumentID=2PAA123980&LanguageCode=en&DocumentPartId=&Action=Launch | Mitigation Vendor Advisory |
https://search.abb.com/library/Download.aspx?DocumentID=2PAA123982&LanguageCode=en&DocumentPartId=&Action=Launch | Mitigation Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ABB
Published: 2020-12-15T00:00:00
Updated: 2020-12-22T21:20:16
Reserved: 2020-08-26T00:00:00
Link: CVE-2020-24674
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-12-22T22:15:13.147
Modified: 2021-10-07T19:05:00.013
Link: CVE-2020-24674
JSON object: View
Redhat Information
No data.