CVE-2020-24683 - OpenCVE

The affected versions of S+ Operations (version 2.1 SP1 and earlier) used an approach for user authentication which relies on validation at the client node (client-side authentication). This is not as secure as having the server validate a client application before allowing a connection. Therefore, if the network communication or endpoints for these applications are not protected, unauthorized actors can bypass authentication and make unauthorized connections to the server application.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Abb	Symphony \+ Operations Symphony \+ Historian

Configuration 1 [-]

OR	cpe:2.3:a:abb:symphony_\+_historian:3.0:::::::*
	cpe:2.3:a:abb:symphony_\+_historian:3.1:::::::*
	cpe:2.3:a:abb:symphony_\+_operations:1.1:::::::*
	cpe:2.3:a:abb:symphony_\+_operations:2.0:::::::*
	cpe:2.3:a:abb:symphony_\+_operations:2.1:sp1::::::
	cpe:2.3:a:abb:symphony_\+_operations:2.1:sp2::::::
	cpe:2.3:a:abb:symphony_\+_operations:3.0:::::::*
	cpe:2.3:a:abb:symphony_\+_operations:3.1:::::::*
	cpe:2.3:a:abb:symphony_\+_operations:3.2:::::::*
	cpe:2.3:a:abb:symphony_\+_operations:3.3:::::::*

References

Link	Resource
https://search.abb.com/library/Download.aspx?DocumentID=2PAA123980&LanguageCode=en&DocumentPartId=&Action=Launch	Mitigation Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: ABB

Published: 2020-12-15T00:00:00

Updated: 2020-12-22T21:19:10

Reserved: 2020-08-26T00:00:00

Link: CVE-2020-24683

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-12-22T22:15:13.757

Modified: 2021-10-07T19:05:18.253

Link: CVE-2020-24683

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "ABB Ability\u2122 Symphony\u00ae Plus Operations", "vendor": "ABB", "versions": [{"lessThan": "2.1 SP1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2020-12-15T00:00:00", "descriptions": [{"lang": "en", "value": "The affected versions of S+ Operations (version 2.1 SP1 and earlier) used an approach for user authentication which relies on validation at the client node (client-side authentication). This is not as secure as having the server validate a client application before allowing a connection. Therefore, if the network communication or endpoints for these applications are not protected, unauthorized actors can bypass authentication and make unauthorized connections to the server application."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-602", "description": "CWE-602 Client-Side Enforcement of Server-Side Security", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-305", "description": "CWE-305 Authentication Bypass by Primary Weakness", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-12-22T21:19:10", "orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "shortName": "ABB"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA123980&LanguageCode=en&DocumentPartId=&Action=Launch"}], "source": {"advisory": "2PAA123980, 2PAA123982", "discovery": "INTERNAL"}, "title": "Authentication Bypass in Symphony Plus ", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cybersecurity@ch.abb.com", "DATE_PUBLIC": "2020-12-15T13:10:00.000Z", "ID": "CVE-2020-24683", "STATE": "PUBLIC", "TITLE": "Authentication Bypass in Symphony Plus "}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "ABB Ability\u2122 Symphony\u00ae Plus Operations", "version": {"version_data": [{"version_affected": "<", "version_value": "2.1 SP1"}]}}]}, "vendor_name": "ABB"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The affected versions of S+ Operations (version 2.1 SP1 and earlier) used an approach for user authentication which relies on validation at the client node (client-side authentication). This is not as secure as having the server validate a client application before allowing a connection. Therefore, if the network communication or endpoints for these applications are not protected, unauthorized actors can bypass authentication and make unauthorized connections to the server application."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-602 Client-Side Enforcement of Server-Side Security"}]}, {"description": [{"lang": "eng", "value": "CWE-305 Authentication Bypass by Primary Weakness"}]}]}, "references": {"reference_data": [{"name": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA123980&LanguageCode=en&DocumentPartId=&Action=Launch", "refsource": "MISC", "url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA123980&LanguageCode=en&DocumentPartId=&Action=Launch"}]}, "source": {"advisory": "2PAA123980, 2PAA123982", "discovery": "INTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "assignerShortName": "ABB", "cveId": "CVE-2020-24683", "datePublished": "2020-12-15T00:00:00", "dateReserved": "2020-08-26T00:00:00", "dateUpdated": "2020-12-22T21:19:10", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:abb:symphony_\\+_historian:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "DAAEE275-0C2C-4D15-B0CB-B51706015769", "vulnerable": true}, {"criteria": "cpe:2.3:a:abb:symphony_\\+_historian:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "8A89B5F4-5BE7-4B0E-9ADF-46630017221C", "vulnerable": true}, {"criteria": "cpe:2.3:a:abb:symphony_\\+_operations:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "21FB4D84-598C-486D-9A16-F24AEAA8B2A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:abb:symphony_\\+_operations:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "96371CD8-6C8A-459E-9A7E-34694B9F648E", "vulnerable": true}, {"criteria": "cpe:2.3:a:abb:symphony_\\+_operations:2.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "5D3E3D88-6544-459D-A5F3-AFB682FF8462", "vulnerable": true}, {"criteria": "cpe:2.3:a:abb:symphony_\\+_operations:2.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "ED64EBDB-B30B-49ED-88C9-7FC2B092FEA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:abb:symphony_\\+_operations:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A6281EC9-5771-4B95-B18C-C11A0EABDA25", "vulnerable": true}, {"criteria": "cpe:2.3:a:abb:symphony_\\+_operations:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3B553708-205B-4B87-BFE9-1570C1AAE06F", "vulnerable": true}, {"criteria": "cpe:2.3:a:abb:symphony_\\+_operations:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "C8D38257-9207-4AED-818F-EA6E09393491", "vulnerable": true}, {"criteria": "cpe:2.3:a:abb:symphony_\\+_operations:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "7EBFA7A6-0EF8-46FC-B92F-AF448531B997", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The affected versions of S+ Operations (version 2.1 SP1 and earlier) used an approach for user authentication which relies on validation at the client node (client-side authentication). This is not as secure as having the server validate a client application before allowing a connection. Therefore, if the network communication or endpoints for these applications are not protected, unauthorized actors can bypass authentication and make unauthorized connections to the server application."}, {"lang": "es", "value": "Las versiones afectadas de S+ Operations (versi\u00f3n 2.1 SP1 y anteriores) utilizaron un enfoque para la autenticaci\u00f3n de usuarios que se basa en la comprobaci\u00f3n en el nodo del cliente (autenticaci\u00f3n del lado del cliente). Esto no es tan seguro como hacer que el servidor valide una aplicaci\u00f3n cliente antes de permitir una conexi\u00f3n. Por lo tanto, si la comunicaci\u00f3n de red o los endpoints para estas aplicaciones no est\u00e1n protegidas, los actores no autorizados pueden omitir la autenticaci\u00f3n y llevar a cabo conexiones no autorizadas hacia la aplicaci\u00f3n del servidor"}], "id": "CVE-2020-24683", "lastModified": "2021-10-07T19:05:18.253", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "cybersecurity@ch.abb.com", "type": "Secondary"}]}, "published": "2020-12-22T22:15:13.757", "references": [{"source": "cybersecurity@ch.abb.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA123980&LanguageCode=en&DocumentPartId=&Action=Launch"}], "sourceIdentifier": "cybersecurity@ch.abb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-669"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-305"}, {"lang": "en", "value": "CWE-602"}], "source": "cybersecurity@ch.abb.com", "type": "Secondary"}]}