CVE-2017-7906
N/A
N/A
Summary
In ABB IP GATEWAY 3.39 and prior, the web server does not sufficiently verify that a request was performed by the authenticated user, which may allow an attacker to launch a request impersonating that user.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ICS-CERT | ABB IP GATEWAY | All versions prior to version 3.39 | affected |
Weaknesses
- CWE-352: CROSS-SITE REQUEST FORGERY CWE-352
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.