Vulnerabilities > CVE-2021-26845 - Incorrect Authorization vulnerability in Hitachienergy Esoms

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

hitachienergy

CWE-863

NVD

Published: 2021-06-14

Updated: 2023-05-16

Summary

Information Exposure vulnerability in Hitachi ABB Power Grids eSOMS allows unauthorized user to gain access to report data if the URL used to access the report is discovered. This issue affects: Hitachi ABB Power Grids eSOMS 6.0 versions prior to 6.0.4.2.2; 6.1 versions prior to 6.1.4; 6.3 versions prior to 6.3.

Vulnerable Configurations

Part	Description	Count
Application	Hitachienergy Hitachienergy Esoms 6.1 Hitachienergy Esoms 6.0 Hitachienergy Esoms 6.0.2 Hitachienergy Esoms 6.0.3 Hitachienergy Esoms 6.0.4	5

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8942&LanguageCode=en&DocumentPartId=&Action=Launch