CVE-2018-14805

EPSS 4.8%CWE-287

ABB eSOMS version 6.0.2 may allow unauthorized access to the system when LDAP is set to allow anonymous authentication, and specific key values within the eSOMS web.config file are present. Both conditions are required to exploit this vulnerability.

Produtos afetados

ICS-CERT · ABB eSOMS

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://ics-cert.us-cert.gov/advisories/ICSA-18-240-04 https://search.abb.com/library/Download.aspx?DocumentID=9AKK107046A5821&LanguageCode=en&DocumentPartId=&Action=Launch http://www.securityfocus.com/bid/105169