Description
An Information Exposure issue was discovered in ABB netCADOPS Web Application Version 3.4 and prior, netCADOPS Web Application Version 7.1 and prior, netCADOPS Web Application Version 7.2x and prior, netCADOPS Web Application Version 8.0 and prior, and netCADOPS Web Application Version 8.1 and prior. A vulnerability exists in the password entry section of netCADOPS Web Application that may expose critical database information.
References (2)
Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-18-051-01
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/103089
Scores
CVSS v3
5.8
EPSS
0.0022
EPSS Percentile
44.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (4)
abb/netcadops
7.1
abb/netcadops
8.0
abb/netcadops
8.1
abb/netcadops
3.0 - 3.4
Published
Feb 20, 2018
Tracked Since
Feb 18, 2026