16 results (0.117 seconds)

CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0

Insertion of Sensitive Information into Log File vulnerability in ABB QCS 800xA, ABB QCS AC450, ABB Platform Engineering Tools. An attacker, who already has local access to the QCS nodes, could successfully obtain the password for a system user account. Using this information, the attacker could have the potential to exploit this vulnerability to gain control of system nodes. This issue affects QCS 800xA: from 1.0;0 through 6.1SP2; QCS AC450: from 1.0;0 through 5.1SP2; Platform Engineering Tools: from 1.0:0 through 2.3.0. • https://search.abb.com/library/Download.aspx?DocumentID=3BUS221709&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.108646530.1437951308.1684739395-1142547495.1678209228 • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0

Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control Builder Safe, Compact Product Suite - Control and I/O, ABB Base Software for SoftControl allows an attacker to cause the denial of service. Una vulnerabilidad de comprobación de entrada inapropiada en ABB 800xA, Software de control para AC 800M, Control Builder Safe, Compact Product Suite - Control and I/O, ABB Base Software for SoftControl permite a un atacante causar la denegación de servicio • https://search.abb.com/library/Download.aspx?DocumentID=7PAA001499&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Insufficient protection of the inter-process communication functions in ABB System 800xA Information Management (all published versions) enables an attacker authenticated on the local system to inject data, affecting the runtime values to be stored in the archive, or making Information Management history services unavailable. Una protección insuficiente de las funciones de comunicación entre procesos en ABB System 800xA Information Management (todas las versiones publicadas), permite a un atacante autenticado en el sistema local inyectar datos, afectando a los valores de tiempo de ejecución para ser almacenados en el archivo o haciendo que los servicios de histórico de Information Management no estén disponibles. • https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Insufficient protection of the inter-process communication functions in ABB System 800xA Batch Management (all published versions) enables an attacker authenticated on the local system to inject data, affecting User Interface update during batch execution and/or compare/printing functionalities. Una protección insuficiente de las funciones de comunicación entre procesos en ABB System 800xA Batch Management (todas las versiones publicadas), permite a un atacante autenticado en el sistema local inyectar datos, afectando la actualización de la Interfaz de Usuario durante la ejecución de lotes y/o las funcionalidades de comparar e imprimir. • https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Insufficient protection of the inter-process communication functions in ABB System 800xA Base (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling. Una protección insuficiente de las funciones de comunicación entre procesos en ABB System 800xA Base (todas las versiones publicadas), permite a un atacante autenticado en el sistema local inyectar datos, afectando al manejo de la redundancia de nodos. • https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-264: Permissions, Privileges, and Access Controls •