Vulnerabilities > ABB > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-06 | CVE-2017-7933 | Insufficiently Protected Credentials vulnerability in ABB IP Gateway Firmware 3.39 In ABB IP GATEWAY 3.39 and prior, some configuration files contain passwords stored in plain-text, which may allow an attacker to gain unauthorized access. | 9.8 |
| 2018-06-06 | CVE-2017-7931 | Improper Authentication vulnerability in ABB IP Gateway Firmware 3.39 In ABB IP GATEWAY 3.39 and prior, by accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access the configuration files and application pages without authentication. | 9.8 |
| 2018-05-24 | CVE-2017-9664 | Path Traversal vulnerability in ABB Srea-01 Firmware and Srea-50 Firmware In ABB SREA-01 revisions A, B, C: application versions up to 3.31.5, and SREA-50 revision A: application versions up to 3.32.8, an attacker may access internal files of ABB SREA-01 and SREA-50 legacy remote monitoring tools without any authorization over the network using a HTTP request which refers to files using ../../ relative paths. | 9.8 |