CVE-2018-5477

An Information Exposure issue was discovered in ABB netCADOPS Web Application Version 3.4 and prior, netCADOPS Web Application Version 7.1 and prior, netCADOPS Web Application Version 7.2x and prior, netCADOPS Web Application Version 8.0 and prior, and netCADOPS Web Application Version 8.1 and prior. A vulnerability exists in the password entry section of netCADOPS Web Application that may expose critical database information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.8 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
icscertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
VendorProductVersion
abbnetcadops
3.0 ≤
𝑥
≤ 3.4
abbnetcadops
7.2.0 ≤
𝑥
< 7.2.10
abbnetcadops
7.1
abbnetcadops
8.0
abbnetcadops
8.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/103089
https://ics-cert.us-cert.gov/advisories/ICSA-18-051-01
http://www.securityfocus.com/bid/103089
https://ics-cert.us-cert.gov/advisories/ICSA-18-051-01