Insertion of Sensitive Information into Log File Vulnerability in FLEXON by ABB
CVE-2024-48852

6.9MEDIUM

Key Information:

Vendor: Abb
Status: Flxeon
Vendor: CVE Published:; 29 January 2025

What is CVE-2024-48852?

A vulnerability identified in FLEXON allows for the potential exposure of sensitive information through improperly safeguarded log files. This issue arises when certain information is logged during HTTPS access, putting confidential data at risk of disclosure. Users of FLEXON versions up to and including 9.3.4 should examine their configurations and audit their logging practices to mitigate potential security breaches.

Affected Version(s)

FLXEON 0

References

https://search.abb.com/library/Download.aspx?DocumentID=9...

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Jan 29, 2025
Vulnerability Reserved
Oct 8, 2024

Credit

ABB likes to thank Gjoko Krstikj, Zero Science Lab, for reporting the vulnerabilities in responsible disclosure.

Abb

What is CVE-2024-48852?

Affected Version(s)

References

CVSS V4

Timeline

Credit