Vulnerabilities > CVE-2020-24677 - Improper Check for Unusual or Exceptional Conditions vulnerability in ABB Symphony + Historian and Symphony + Operations

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

abb

CWE-754

NVD

Published: 2020-12-22

Updated: 2021-10-07

Summary

Vulnerabilities in the S+ Operations and S+ Historian web applications can lead to a possible code execution and privilege escalation, redirect the user somewhere else or download unwanted data.

Vulnerable Configurations

Part	Description	Count
Application	Abb ABB Symphony + Historian 3.0 ABB Symphony + Historian 3.1 ABB Symphony + Operations 1.1 ABB Symphony + Operations 2.0 ABB Symphony + Operations 2.1 ABB Symphony + Operations 3.0 ABB Symphony + Operations 3.1 ABB Symphony + Operations 3.2 ABB Symphony + Operations 3.3	10

Common Weakness Enumeration (CWE)

CWE-754 - Improper Check for Unusual or Exceptional Conditions

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References