Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-26845

Information Exposure vulnerability in Hitachi ABB Power Grids eSOMS allows unauthorized user to gain access to report data if the URL used to access the report is discovered. This issue affects: Hitachi ABB Power Grids eSOMS 6.0 versions prior to 6.0.4.2.2; 6.1 versions prior to 6.1.4; 6.3 versions prior to 6.3.

Published

2021-06-14T22:15:08.550

Last Modified

2024-11-21T05:56:53.713

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-863

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	hitachienergy	esoms	< 6.0.4.2.2	Yes
Application	hitachienergy	esoms	< 6.1.4	Yes

References

https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8942&LanguageCode=en&DocumentPartId=&Action=Launch Vendor Advisory ([email protected])
https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8942&LanguageCode=en&DocumentPartId=&Action=Launch Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)