An Unprotected Transport of Credentials issue was discovered in ABB Ellipse 8.3 through Ellipse 8.9 released prior to December 2017 (including Ellipse Select). A vulnerability exists in the authentication of Ellipse to LDAP/AD using the LDAP protocol. An attacker could exploit the vulnerability by sniffing local network traffic, allowing the discovery of authentication credentials.
oryginał ENCVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HHitachienergy Ellipse
APPHitachienergy8.3.0 – 8.9.0
Powiązane podatności
Path Traversal w MicroSCADA Pro/X SYS600 — dostęp do plików systemowych
Injection w walidacji zapytań MicroSCADA Pro/X SYS600 — nieautoryzowany zapis danych
RCE w serwerze/API Gateway Hitachi Energy FOXMAN-UN/UNEM
Authentication bypass w Hitachi Energy FOXMAN-UN/UNEM — pełny dostęp bez uwierzytelnienia
A vulnerability exists in the SDM600 file permission validation. An attacker could exploit the vulnerability ...