CVE-2017-16731

Summary

An Unprotected Transport of Credentials issue was discovered in ABB Ellipse 8.3 through Ellipse 8.9 released prior to December 2017 (including Ellipse Select). A vulnerability exists in the authentication of Ellipse to LDAP/AD using the LDAP protocol. An attacker could exploit the vulnerability by sniffing local network traffic, allowing the discovery of authentication credentials.

Affected Software

VendorProductVersion RangeStatus
n/aABB EllipseABB Ellipseaffected

Weaknesses

  • CWE-523: CWE-523

ADP Enrichment

CVE Program Container

Additional References

References