HIGH🇵🇱 Wersja polska

CVE-2017-16731

CVSS 8.8v3.0pub. 2017-12-20upd. 2026-05-13

An Unprotected Transport of Credentials issue was discovered in ABB Ellipse 8.3 through Ellipse 8.9 released prior to December 2017 (including Ellipse Select). A vulnerability exists in the authentication of Ellipse to LDAP/AD using the LDAP protocol. An attacker could exploit the vulnerability by sniffing local network traffic, allowing the discovery of authentication credentials.

CVSS Vector
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Hitachienergy Ellipse

    APP
    Hitachienergy
    8.3.0 – 8.9.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-3980CRITICAL9.9PL ✓ten sam vendor

Path Traversal w MicroSCADA Pro/X SYS600 — dostęp do plików systemowych

CVE-2024-4872CRITICAL9.9PL ✓ten sam vendor

Injection w walidacji zapytań MicroSCADA Pro/X SYS600 — nieautoryzowany zapis danych

CVE-2024-2012CRITICAL9.1PL ✓ten sam vendor

RCE w serwerze/API Gateway Hitachi Energy FOXMAN-UN/UNEM

CVE-2024-2013CRITICAL10.0PL ✓ten sam vendor

Authentication bypass w Hitachi Energy FOXMAN-UN/UNEM — pełny dostęp bez uwierzytelnienia

CVE-2022-3682CRITICAL9.9ten sam vendor

A vulnerability exists in the SDM600 file permission validation. An attacker could exploit the vulnerability ...