CVE-2020-8477

The installations for ABB System 800xA Information Manager versions 5.1, 6.0 to 6.0.3.2 and 6.1 wrongly contain an auxiliary component. An attacker is able to use this for an XSS-like attack to an authenticated local user, which might lead to execution of arbitrary code.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:abb:800xa_information_manager:5.1:*:*:*:*:*:*:*
cpe:2.3:a:abb:800xa_information_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:abb:800xa_information_manager:6.1:*:*:*:*:*:*:*

Information

Published : 2020-04-22 08:15

Updated : 2020-04-30 13:27


NVD link : CVE-2020-8477

Mitre link : CVE-2020-8477


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

abb

  • 800xa_information_manager