Insufficient access control in the web interface of ABB Asset Suite versions 9.0 to 9.3, 9.4 before 9.4.2.6, 9.5 before 9.5.3.2 and 9.6.0 enables full access to directly referenced objects. An attacker with knowledge of a resource's URL can access the resource directly.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hitachienergy asset suite 9.6.0 |
||
hitachienergy asset suite |