CVE-2022-34837
ABB Ability TM Operations Data Management Zenon Zenon Log Server file access control
Severity Score
6.1
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add more network clients that may monitor various activities of the Zenon.
Una vulnerabilidad de Almacenamiento de Contraseñas en un Formato Recuperable en ABB Zenon versión 8.20, permite que un atacante que explote con éxito la vulnerabilidad pueda añadir más clientes de red que puedan monitorizar varias actividades del Zenon.
*Credits:
ABB thanks Ruben Santamarta for helping to identify the vulnerabilities and protecting our customers
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-06-30 CVE Reserved
- 2022-08-24 CVE Published
- 2024-02-16 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-257: Storing Passwords in a Recoverable Format
- CWE-522: Insufficiently Protected Credentials
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|