CVE-2019-18998
Description
Insufficient access control in the web interface of ABB Asset Suite versions 9.0 to 9.3, 9.4 prior to 9.4.2.6, 9.5 prior to 9.5.3.2 and 9.6.0 enables full access to directly referenced objects. An attacker with knowledge of a resources URL can access the resource directly.
Risk Information
Base Score
7.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
EPSS Score
Exploitation Probability
0.13
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2019-18998 are affected in Hitachi Asset Suite 9.3.0 | Windows |
| Vulnerabilities CVE-2019-18998 are affected in Hitachi Asset Suite 9.4.2.5 | Windows |
| Vulnerabilities CVE-2019-18998 are affected in Hitachi Asset Suite 9.5.3.1 | Windows |
| Vulnerabilities CVE-2019-18998 are affected in Hitachi Asset Suite 9.6.0 | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234