CVE-2018-5477

EUVD-2018-17247
An Information Exposure issue was discovered in ABB netCADOPS Web Application Version 3.4 and prior, netCADOPS Web Application Version 7.1 and prior, netCADOPS Web Application Version 7.2x and prior, netCADOPS Web Application Version 8.0 and prior, and netCADOPS Web Application Version 8.1 and prior. A vulnerability exists in the password entry section of netCADOPS Web Application that may expose critical database information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.8 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
Affected Products (NVD)
VendorProductVersion
abbnetcadops
3.0 ≤
𝑥
≤ 3.4
abbnetcadops
7.2.0 ≤
𝑥
< 7.2.10
abbnetcadops
7.1
abbnetcadops
8.0
abbnetcadops
8.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/103089
https://ics-cert.us-cert.gov/advisories/ICSA-18-051-01
http://www.securityfocus.com/bid/103089
https://ics-cert.us-cert.gov/advisories/ICSA-18-051-01