CVE-2017-7931

Summary

In ABB IP GATEWAY 3.39 and prior, by accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access the configuration files and application pages without authentication.

Affected Software

VendorProductVersion RangeStatus
ICS-CERTABB IP GATEWAYAll versions prior to version 3.39affected

Weaknesses

  • CWE-287: IMPROPER AUTHENTICATION CWE-287

ADP Enrichment

CVE Program Container

Additional References

References