Filtered by vendor Abb
Subscribe
Search
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-8478 | 1 Abb | 4 Ac800m, Base Software, Mms Server and 1 more | 2020-05-13 | 2.1 LOW | 3.3 LOW |
| Insufficient protection of the inter-process communication functions in ABB System 800xA products OPC Server for AC 800M, MMS Server for AC 800M and Base Software for SoftControl (all published versions) enables an attacker authenticated on the local system to inject data, affecting the online view of runtime data shown in Control Builder. | |||||
| CVE-2019-19090 | 1 Abb | 1 Esoms | 2020-04-03 | 3.5 LOW | 3.5 LOW |
| For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header. Unencrypted connections might access the cookie information, thus making it susceptible to eavesdropping. | |||||
| CVE-2019-19092 | 1 Abb | 1 Esoms | 2020-04-03 | 3.5 LOW | 3.5 LOW |
| ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message Authentication Code (MAC). Alterations to Viewstate might thus not be noticed. | |||||
| CVE-2016-4511 | 1 Abb | 1 Pcm600 | 2016-06-17 | 1.9 LOW | 2.8 LOW |
| ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file. | |||||
| CVE-2016-4527 | 1 Abb | 1 Pcm600 | 2016-06-15 | 1.9 LOW | 3.3 LOW |
| ABB PCM600 before 2.7 improperly stores PCM600 authentication credentials, which allows local users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2016-4516 | 1 Abb | 1 Pcm600 | 2016-06-15 | 2.1 LOW | 3.3 LOW |
| ABB PCM600 before 2.7 improperly stores the main application password after a password change, which allows local users to obtain sensitive information via unspecified vectors. | |||||