CVE-2018-14805

Summary

ABB eSOMS version 6.0.2 may allow unauthorized access to the system when LDAP is set to allow anonymous authentication, and specific key values within the eSOMS web.config file are present. Both conditions are required to exploit this vulnerability.

Affected Software

VendorProductVersion RangeStatus
ICS-CERTABB eSOMSVersion 6.0.2affected

Weaknesses

  • CWE-287: IMPROPER AUTHENTICATION CWE-287

ADP Enrichment

CVE Program Container

Additional References

References