Vulnerabilities > ABB > IP Gateway Firmware

DATE CVE VULNERABILITY TITLE RISK
2018-06-06 CVE-2017-7933 Insufficiently Protected Credentials vulnerability in ABB IP Gateway Firmware 3.39
In ABB IP GATEWAY 3.39 and prior, some configuration files contain passwords stored in plain-text, which may allow an attacker to gain unauthorized access.
network
low complexity
abb CWE-522
critical
9.8
2018-06-06 CVE-2017-7931 Improper Authentication vulnerability in ABB IP Gateway Firmware 3.39
In ABB IP GATEWAY 3.39 and prior, by accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access the configuration files and application pages without authentication.
network
low complexity
abb CWE-287
critical
9.8
2018-06-06 CVE-2017-7906 Cross-Site Request Forgery (CSRF) vulnerability in ABB IP Gateway Firmware 3.39
In ABB IP GATEWAY 3.39 and prior, the web server does not sufficiently verify that a request was performed by the authenticated user, which may allow an attacker to launch a request impersonating that user.
network
low complexity
abb CWE-352
8.8