Search criteria
3 vulnerabilities found for 800xA RNRP by ABB
VAR-202004-2165
Vulnerability from variot - Updated: 2023-12-18 11:58Insufficient protection of the inter-process communication functions in ABB System 800xA RNRP (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling. ABB System 800xA RNRP There is an unspecified vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. ABB System 800xA RNRP is a redundant network routing protocol used in ABB System 800xA distributed control system by Swiss ABB company.
ABB System 800xA RNRP (all versions) has a vulnerability in permissions and access control issues
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-2165",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "system 800xa rnrp",
"scope": null,
"trust": 1.4,
"vendor": "abb",
"version": null
},
{
"model": "800xa rnrp",
"scope": "eq",
"trust": 1.1,
"vendor": "abb",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "800xa rnrp",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "b72df7f5-1872-4f76-b50e-aa8338e26f06"
},
{
"db": "IVD",
"id": "ec13e7f9-33d1-4526-b971-aa8b53dffd8f"
},
{
"db": "CNVD",
"id": "CNVD-2020-27095"
},
{
"db": "VULMON",
"id": "CVE-2020-8486"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005048"
},
{
"db": "NVD",
"id": "CVE-2020-8486"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:abb:800xa_rnrp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-8486"
}
]
},
"cve": "CVE-2020-8486",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-005048",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-27095",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "b72df7f5-1872-4f76-b50e-aa8338e26f06",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "ec13e7f9-33d1-4526-b971-aa8b53dffd8f",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-186611",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2020-8486",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "cybersecurity@ch.abb.com",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.8,
"impactScore": 4.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-005048",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-8486",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cybersecurity@ch.abb.com",
"id": "CVE-2020-8486",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-005048",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-27095",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2374",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "b72df7f5-1872-4f76-b50e-aa8338e26f06",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "ec13e7f9-33d1-4526-b971-aa8b53dffd8f",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-186611",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-8486",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "b72df7f5-1872-4f76-b50e-aa8338e26f06"
},
{
"db": "IVD",
"id": "ec13e7f9-33d1-4526-b971-aa8b53dffd8f"
},
{
"db": "CNVD",
"id": "CNVD-2020-27095"
},
{
"db": "VULHUB",
"id": "VHN-186611"
},
{
"db": "VULMON",
"id": "CVE-2020-8486"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005048"
},
{
"db": "NVD",
"id": "CVE-2020-8486"
},
{
"db": "NVD",
"id": "CVE-2020-8486"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2374"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Insufficient protection of the inter-process communication functions in ABB System 800xA RNRP (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling. ABB System 800xA RNRP There is an unspecified vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. ABB System 800xA RNRP is a redundant network routing protocol used in ABB System 800xA distributed control system by Swiss ABB company. \n\r\n\r\nABB System 800xA RNRP (all versions) has a vulnerability in permissions and access control issues",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-8486"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005048"
},
{
"db": "CNVD",
"id": "CNVD-2020-27095"
},
{
"db": "IVD",
"id": "b72df7f5-1872-4f76-b50e-aa8338e26f06"
},
{
"db": "IVD",
"id": "ec13e7f9-33d1-4526-b971-aa8b53dffd8f"
},
{
"db": "VULHUB",
"id": "VHN-186611"
},
{
"db": "VULMON",
"id": "CVE-2020-8486"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-8486",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-20-154-03",
"trust": 1.4
},
{
"db": "CNVD",
"id": "CNVD-2020-27095",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2374",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU94921886",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005048",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2020.1923",
"trust": 0.6
},
{
"db": "IVD",
"id": "B72DF7F5-1872-4F76-B50E-AA8338E26F06",
"trust": 0.2
},
{
"db": "IVD",
"id": "EC13E7F9-33D1-4526-B971-AA8B53DFFD8F",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-186611",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-8486",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "b72df7f5-1872-4f76-b50e-aa8338e26f06"
},
{
"db": "IVD",
"id": "ec13e7f9-33d1-4526-b971-aa8b53dffd8f"
},
{
"db": "CNVD",
"id": "CNVD-2020-27095"
},
{
"db": "VULHUB",
"id": "VHN-186611"
},
{
"db": "VULMON",
"id": "CVE-2020-8486"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005048"
},
{
"db": "NVD",
"id": "CVE-2020-8486"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2374"
}
]
},
"id": "VAR-202004-2165",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "b72df7f5-1872-4f76-b50e-aa8338e26f06"
},
{
"db": "IVD",
"id": "ec13e7f9-33d1-4526-b971-aa8b53dffd8f"
},
{
"db": "CNVD",
"id": "CNVD-2020-27095"
},
{
"db": "VULHUB",
"id": "VHN-186611"
}
],
"trust": 1.85
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "b72df7f5-1872-4f76-b50e-aa8338e26f06"
},
{
"db": "IVD",
"id": "ec13e7f9-33d1-4526-b971-aa8b53dffd8f"
},
{
"db": "CNVD",
"id": "CNVD-2020-27095"
}
]
},
"last_update_date": "2023-12-18T11:58:23.735000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SECURITY Interprocess communication vulnerability in System 800xA",
"trust": 0.8,
"url": "https://search.abb.com/library/download.aspx?documentid=2paa121236\u0026languagecode=en\u0026documentpartid=\u0026action=launch"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005048"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005048"
},
{
"db": "NVD",
"id": "CVE-2020-8486"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8486"
},
{
"trust": 1.7,
"url": "https://search.abb.com/library/download.aspx?documentid=2paa121236\u0026languagecode=en\u0026documentpartid=\u0026action=launch"
},
{
"trust": 1.4,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-154-03"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-8486"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu94921886/index.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1923/"
},
{
"trust": 0.1,
"url": "https://search.abb.com/library/download.aspx?documentid=2paa121236\u0026amp;languagecode=en\u0026amp;documentpartid=\u0026amp;action=launch"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-27095"
},
{
"db": "VULHUB",
"id": "VHN-186611"
},
{
"db": "VULMON",
"id": "CVE-2020-8486"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005048"
},
{
"db": "NVD",
"id": "CVE-2020-8486"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2374"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "b72df7f5-1872-4f76-b50e-aa8338e26f06"
},
{
"db": "IVD",
"id": "ec13e7f9-33d1-4526-b971-aa8b53dffd8f"
},
{
"db": "CNVD",
"id": "CNVD-2020-27095"
},
{
"db": "VULHUB",
"id": "VHN-186611"
},
{
"db": "VULMON",
"id": "CVE-2020-8486"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005048"
},
{
"db": "NVD",
"id": "CVE-2020-8486"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2374"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-28T00:00:00",
"db": "IVD",
"id": "b72df7f5-1872-4f76-b50e-aa8338e26f06"
},
{
"date": "2020-04-28T00:00:00",
"db": "IVD",
"id": "ec13e7f9-33d1-4526-b971-aa8b53dffd8f"
},
{
"date": "2020-05-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-27095"
},
{
"date": "2020-04-29T00:00:00",
"db": "VULHUB",
"id": "VHN-186611"
},
{
"date": "2020-04-29T00:00:00",
"db": "VULMON",
"id": "CVE-2020-8486"
},
{
"date": "2020-06-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005048"
},
{
"date": "2020-04-29T02:15:12.263000",
"db": "NVD",
"id": "CVE-2020-8486"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2374"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-27095"
},
{
"date": "2020-05-07T00:00:00",
"db": "VULHUB",
"id": "VHN-186611"
},
{
"date": "2020-05-07T00:00:00",
"db": "VULMON",
"id": "CVE-2020-8486"
},
{
"date": "2020-06-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005048"
},
{
"date": "2020-05-07T21:05:49.190000",
"db": "NVD",
"id": "CVE-2020-8486"
},
{
"date": "2020-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2374"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2374"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ABB System 800xA RNRP Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005048"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2374"
}
],
"trust": 0.6
}
}
CVE-2020-8486 (GCVE-0-2020-8486)
Vulnerability from cvelistv5 – Published: 2020-04-29 01:59 – Updated: 2024-08-04 10:03
VLAI?
Title
ABB System 800xA Inter process communication vulnerability - 800xA RNRP
Summary
Insufficient protection of the inter-process communication functions in ABB System 800xA RNRP (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling.
Severity ?
6.6 (Medium)
CWE
- CWE-264 - Permissions, Privileges, and Access Controls
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ABB | 800xA RNRP |
Affected:
all versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:03:46.229Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "800xA RNRP",
"vendor": "ABB",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insufficient protection of the inter-process communication functions in ABB System 800xA RNRP (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264 Permissions, Privileges, and Access Controls",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-29T01:59:23",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "ABB System 800xA Inter process communication vulnerability - 800xA RNRP",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@ch.abb.com",
"ID": "CVE-2020-8486",
"STATE": "PUBLIC",
"TITLE": "ABB System 800xA Inter process communication vulnerability - 800xA RNRP"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "800xA RNRP",
"version": {
"version_data": [
{
"version_affected": "undefined",
"version_value": "all versions"
}
]
}
}
]
},
"vendor_name": "ABB"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient protection of the inter-process communication functions in ABB System 800xA RNRP (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264 Permissions, Privileges, and Access Controls"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "CONFIRM",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2020-8486",
"datePublished": "2020-04-29T01:59:23",
"dateReserved": "2020-01-30T00:00:00",
"dateUpdated": "2024-08-04T10:03:46.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8486 (GCVE-0-2020-8486)
Vulnerability from nvd – Published: 2020-04-29 01:59 – Updated: 2024-08-04 10:03
VLAI?
Title
ABB System 800xA Inter process communication vulnerability - 800xA RNRP
Summary
Insufficient protection of the inter-process communication functions in ABB System 800xA RNRP (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling.
Severity ?
6.6 (Medium)
CWE
- CWE-264 - Permissions, Privileges, and Access Controls
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ABB | 800xA RNRP |
Affected:
all versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:03:46.229Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "800xA RNRP",
"vendor": "ABB",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insufficient protection of the inter-process communication functions in ABB System 800xA RNRP (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264 Permissions, Privileges, and Access Controls",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-29T01:59:23",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "ABB System 800xA Inter process communication vulnerability - 800xA RNRP",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@ch.abb.com",
"ID": "CVE-2020-8486",
"STATE": "PUBLIC",
"TITLE": "ABB System 800xA Inter process communication vulnerability - 800xA RNRP"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "800xA RNRP",
"version": {
"version_data": [
{
"version_affected": "undefined",
"version_value": "all versions"
}
]
}
}
]
},
"vendor_name": "ABB"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient protection of the inter-process communication functions in ABB System 800xA RNRP (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264 Permissions, Privileges, and Access Controls"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "CONFIRM",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2020-8486",
"datePublished": "2020-04-29T01:59:23",
"dateReserved": "2020-01-30T00:00:00",
"dateUpdated": "2024-08-04T10:03:46.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}