In S+ Operations and S+ Historian, the passwords of internal users (not Windows Users) are encrypted but improperly stored in a database.
References
Link | Resource |
---|---|
https://search.abb.com/library/Download.aspx?DocumentID=2PAA123980&LanguageCode=en&DocumentPartId=&Action=Launch | Mitigation Vendor Advisory |
https://search.abb.com/library/Download.aspx?DocumentID=2PAA123982&LanguageCode=en&DocumentPartId=&Action=Launch | Mitigation Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2020-12-22 14:15
Updated : 2021-10-07 12:05
NVD link : CVE-2020-24680
Mitre link : CVE-2020-24680
JSON object : View
CWE
CWE-522
Insufficiently Protected Credentials
Products Affected
abb
- symphony_\+_historian
- symphony_\+_operations