Description
Insufficiently Protected Credentials vulnerability in client environment of Hitachi ABB Power Grids Retail Operations and Counterparty Settlement Billing (CSB) allows an attacker or unauthorized user to access database credentials, shut down the product and access or alter. This issue affects: Hitachi ABB Power Grids Retail Operations version 5.7.2 and prior versions. Hitachi ABB Power Grids Counterparty Settlement Billing (CSB) version 5.7.2 and prior versions.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A5933&LanguageCode=en&DocumentPartId=&Action=Launch
Vendor Advisory x_refsource_confirm
https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A5821&LanguageCode=en&DocumentPartId=&Action=Launch
Third Party Advisory, US Government Resource x_refsource_confirm
https://us-cert.cisa.gov/ics/advisories/icsa-21-236-02
Scores
CVSS v3
7.7
EPSS
0.0126
EPSS Percentile
65.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N
Details
CWE
CWE-522
Status
published
Products (2)
hitachienergy/counterparty_settlement_and_billing
< 5.7.3
hitachienergy/retail_operations
< 5.7.3
Published
Aug 20, 2021
Tracked Since
Feb 18, 2026