ABB Ability TM Operations Data Management Zenon Zenon Log Server file access control
CVE-2022-34837

6.2MEDIUM

Key Information:

Vendor

Abb

Status
Abb Zenon
Vendor
CVE Published:
26 July 2022

What is CVE-2022-34837?

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add more network clients that may monitor various activities of the Zenon.

Affected Version(s)

ABB Zenon <= 8.20

References

https://search.abb.com/library/Download.aspx?DocumentID=2...
x_refsource_MISC

CVSS V3.1

Score:
6.2
Severity:
MEDIUM
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

ABB thanks Ruben Santamarta for helping to identify the vulnerabilities and protecting our customers
.
CVE-2022-34837 : ABB Ability TM Operations Data Management Zenon Zenon Log Server file access control