Password in Memory Vulnerability in Retail Operations Product and Counterparty Settlement and Billing (CSB)
CVE-2021-35529

7.7HIGH

Key Information:

Vendor

Hitachi Abb Power Grids

Status
Retail Operations
Counterparty Settlement And Billing (csb)
Vendor
CVE Published:
5 August 2021

What is CVE-2021-35529?

Insufficiently Protected Credentials vulnerability in client environment of Hitachi ABB Power Grids Retail Operations and Counterparty Settlement Billing (CSB) allows an attacker or unauthorized user to access database credentials, shut down the product and access or alter. This issue affects: Hitachi ABB Power Grids Retail Operations version 5.7.2 and prior versions. Hitachi ABB Power Grids Counterparty Settlement Billing (CSB) version 5.7.2 and prior versions.

Affected Version(s)

Counterparty Settlement and Billing (CSB) 5.7.2

Retail Operations prior to Build Nr. 1.2.14002.257 5.7.2

References

https://search.abb.com/library/Download.aspx?DocumentID=9...
x_refsource_CONFIRM
https://search.abb.com/library/Download.aspx?DocumentID=9...
x_refsource_CONFIRM
https://us-cert.cisa.gov/ics/advisories/icsa-21-236-02
x_refsource_CONFIRM

CVSS V3.1

Score:
7.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.