CVE-2023-0228

Description

Improper Authentication vulnerability in ABB Symphony Plus S+ Operations.This issue affects Symphony Plus S+ Operations: from 2.X through 2.1 SP2, 2.2, from 3.X through 3.3 SP1, 3.3 SP2.

CVSS breakdown

CVSS 3.1

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

ABB / Symphony Plus S+ Operations2.x – 2.1 SP2
ABB / Symphony Plus S+ Operations2.2 – 2.2
ABB / Symphony Plus S+ Operations3.x – 3.3 SP1
ABB / Symphony Plus S+ Operations3.3 SP2 – 3.3 SP2

References

MISChttps://search.abb.com/library/Download.aspx?DocumentID=7PAA006722&LanguageCode=en&DocumentPartId=&Action=Launch