CVE-2022-0010
Summary
| CVE | CVE-2022-0010 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-05-22 08:15:00 UTC |
| Updated | 2023-06-01 15:20:00 UTC |
| Description | Insertion of Sensitive Information into Log File vulnerability in ABB QCS 800xA, ABB QCS AC450, ABB Platform Engineering Tools. An attacker, who already has local access to the QCS nodes, could successfully obtain the password for a system user account. Using this information, the attacker could have the potential to exploit this vulnerability to gain control of system nodes. This issue affects QCS 800xA: from 1.0;0 through 6.1SP2; QCS AC450: from 1.0;0 through 5.1SP2; Platform Engineering Tools: from 1.0:0 through 2.3.0. |
Risk And Classification
Problem Types: CWE-532
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Abb | Platform Engineering Tools | All | All | All | All |
| Hardware | Abb | Qcs 800xa | - | All | All | All |
| Operating System | Abb | Qcs 800xa Firmware | 5.1.0 | sp2 | All | All |
| Operating System | Abb | Qcs 800xa Firmware | All | All | All | All |
| Hardware | Abb | Qcs Ac450 | - | All | All | All |
| Operating System | Abb | Qcs Ac450 Firmware | 6.1.0 | sp2 | All | All |
| Operating System | Abb | Qcs Ac450 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| search.abb.com/library/Download.aspx | MISC | search.abb.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.