Sign-up

ID

VAR-202307-2149


CVE

CVE-2023-3322


TITLE

ABB Abilit zenon Security hole

Trust: 0.6

sources: CNNVD: CNNVD-202307-1958

DESCRIPTION

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404.

Trust: 1.0

sources: NVD: CVE-2023-3322

AFFECTED PRODUCTS

vendor:abbmodel:zenonscope:lteversion:11.0.0

Trust: 1.0

sources: NVD: CVE-2023-3322

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-3322
value: HIGH

Trust: 1.0

cybersecurity@ch.abb.com: CVE-2023-3322
value: HIGH

Trust: 1.0

nvd@nist.gov: CVE-2023-3322
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 5.2
version: 3.1

Trust: 1.0

cybersecurity@ch.abb.com: CVE-2023-3322
baseSeverity: HIGH
baseScore: 7.0
vectorString: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.0
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: NVD: CVE-2023-3322 // NVD: CVE-2023-3322

PROBLEMTYPE DATA

problemtype:CWE-732

Trust: 1.0

sources: NVD: CVE-2023-3322

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202307-1958

EXTERNAL IDS

db:NVDid:CVE-2023-3322

Trust: 1.6

db:CNNVDid:CNNVD-202307-1958

Trust: 0.6

sources: CNNVD: CNNVD-202307-1958 // NVD: CVE-2023-3322

REFERENCES

url:https://search.abb.com/library/download.aspx?documentid=2nga001801&languagecode=en&documentpartid=&action=launch&_ga=2.194142766.2067879716.1690216773-1911411808.1686627590

Trust: 1.6

url:https://cxsecurity.com/cveshow/cve-2023-3322/

Trust: 0.6

sources: CNNVD: CNNVD-202307-1958 // NVD: CVE-2023-3322

SOURCES

db:CNNVDid:CNNVD-202307-1958
db:NVDid:CVE-2023-3322

LAST UPDATE DATE

2024-08-14T15:10:41.160000+00:00


SOURCES UPDATE DATE

db:CNNVDid:CNNVD-202307-1958date:2023-07-25T00:00:00
db:NVDid:CVE-2023-3322date:2023-08-01T21:00:26.463

SOURCES RELEASE DATE

db:CNNVDid:CNNVD-202307-1958date:2023-07-24T00:00:00
db:NVDid:CVE-2023-3322date:2023-07-24T18:15:23.543