Improper Authentication in ABB VSN300 WiFi Logger Card
CVE-2017-7920

7.5HIGH

Key Information:

Vendor

Abb

Status
Abb Vsn300 Wifi Logger Card
Vendor
CVE Published:
7 August 2017

What is CVE-2017-7920?

An improper authentication vulnerability exists in ABB's VSN300 WiFi Logger Card, affecting versions 1.8.15 and earlier, as well as the React version 2.1.3 and prior. This flaw allows an unauthorized user to access sensitive internal information about device status and connected devices by simply entering a specific URL on the device's web interface, bypassing authentication measures. This poses a significant security risk, as attackers could exploit this vulnerability to gather critical information without detection.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

ABB VSN300 WiFi Logger Card ABB VSN300 WiFi Logger Card

References

http://www.securityfocus.com/bid/99558
vdb-entryx_refsource_BID
http://search.abb.com/library/Download.aspx?DocumentID=9A...
x_refsource_MISC
https://ics-cert.us-cert.gov/advisories/ICSA-17-192-03
x_refsource_MISC

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.