CVE-2022-0010
QCS 800xA Vulnerability identified in system log files
Severity Score
5.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Insertion of Sensitive Information into Log File vulnerability in ABB QCS 800xA, ABB QCS AC450, ABB Platform Engineering Tools.
An attacker, who already has local access to the QCS nodes, could successfully obtain the password for a system user account. Using this information, the attacker could have the potential to exploit this vulnerability to gain control of system nodes.
This issue affects QCS 800xA: from 1.0;0 through 6.1SP2; QCS AC450: from 1.0;0 through 5.1SP2; Platform Engineering Tools: from 1.0:0 through 2.3.0.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-12-13 CVE Reserved
- 2023-05-22 CVE Published
- 2023-05-22 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-532: Insertion of Sensitive Information into Log File
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Abb Search vendor "Abb" | Qcs 800xa Firmware Search vendor "Abb" for product "Qcs 800xa Firmware" | >= 1.0.0 <= 5.1.0 Search vendor "Abb" for product "Qcs 800xa Firmware" and version " >= 1.0.0 <= 5.1.0" | - |
Affected
| in | Abb Search vendor "Abb" | Qcs 800xa Search vendor "Abb" for product "Qcs 800xa" | - | - |
Safe
|
| Abb Search vendor "Abb" | Qcs 800xa Firmware Search vendor "Abb" for product "Qcs 800xa Firmware" | 5.1.0 Search vendor "Abb" for product "Qcs 800xa Firmware" and version "5.1.0" | sp2 |
Affected
| in | Abb Search vendor "Abb" | Qcs 800xa Search vendor "Abb" for product "Qcs 800xa" | - | - |
Safe
|
| Abb Search vendor "Abb" | Qcs Ac450 Firmware Search vendor "Abb" for product "Qcs Ac450 Firmware" | >= 1.0.0 <= 6.1.0 Search vendor "Abb" for product "Qcs Ac450 Firmware" and version " >= 1.0.0 <= 6.1.0" | - |
Affected
| in | Abb Search vendor "Abb" | Qcs Ac450 Search vendor "Abb" for product "Qcs Ac450" | - | - |
Safe
|
| Abb Search vendor "Abb" | Qcs Ac450 Firmware Search vendor "Abb" for product "Qcs Ac450 Firmware" | 6.1.0 Search vendor "Abb" for product "Qcs Ac450 Firmware" and version "6.1.0" | sp2 |
Affected
| in | Abb Search vendor "Abb" | Qcs Ac450 Search vendor "Abb" for product "Qcs Ac450" | - | - |
Safe
|
| Abb Search vendor "Abb" | Platform Engineering Tools Search vendor "Abb" for product "Platform Engineering Tools" | >= 1.0.0 <= 2.3.0 Search vendor "Abb" for product "Platform Engineering Tools" and version " >= 1.0.0 <= 2.3.0" | - |
Affected
| ||||||