CVE-2017-7906

EPSS 0.7%CWE-352

In ABB IP GATEWAY 3.39 and prior, the web server does not sufficiently verify that a request was performed by the authenticated user, which may allow an attacker to launch a request impersonating that user.

Produtos afetados

ICS-CERT · ABB IP GATEWAY

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://ics-cert.us-cert.gov/advisories/ICSA-18-156-01 http://www.securityfocus.com/bid/104388