cvelistv5 - cve-2023-0228

▼	URL	Tags
	cybersecurity@ch.abb.com	https://search.abb.com/library/Download.aspx?DocumentID=7PAA006722&LanguageCode=en&DocumentPartId=&Action=Launch	Vendor Advisory

ghsa-77h3-ghcp-37gm

Vulnerability from github

Published

2023-03-02 03:30

Modified

2023-03-10 06:30

Severity ?

8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Improper Authentication vulnerability in ABB Symphony Plus S+ Operations allows Man in the Middle Attack.This issue affects Symphony Plus S+ Operations: from 2.X through 2.1 SP2, 2.2, from 3.X through 3.3 SP1, 3.3 SP2.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-0228"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-03-02T02:15:00Z",
    "severity": "HIGH"
  },
  "details": "Improper Authentication vulnerability in ABB Symphony Plus S+ Operations allows Man in the Middle Attack.This issue affects Symphony Plus S+ Operations: from 2.X through 2.1 SP2, 2.2, from 3.X through 3.3 SP1, 3.3 SP2.",
  "id": "GHSA-77h3-ghcp-37gm",
  "modified": "2023-03-10T06:30:20Z",
  "published": "2023-03-02T03:30:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0228"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=7PAA006722\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

icsa-23-068-03

Vulnerability from csaf_cisa

Published

2023-04-03 13:25

Modified

2023-04-03 13:25

Summary

ABB Ability Symphony Plus

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of this vulnerability could allow an unauthorized client to connect to the S+ Operations servers (human machine interface (HMI) network), to act as a legitimate S+ Operations client.

Critical infrastructure sectors

Chemical, Critical Manufacturing, Dams, Energy, Food and Agriculture, Water and Wastewater

Countries/areas deployed

Worldwide

Company headquarters location

Switzerland

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet.

Recommended Practices

Locate control system networks and remote devices behind firewalls and isolate them from business networks.

Recommended Practices

When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Recommended Practices

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

Recommended Practices

CISA also recommends users take the following measures to protect themselves from social engineering attacks:

Recommended Practices

Do not click web links or open attachments in unsolicited email messages.

Recommended Practices

Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.

Recommended Practices

Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

Recommended Practices

No known public exploits specifically target this vulnerability. This vulnerability is exploitable from an adjacent network. This vulnerability has low attack complexity.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "ABB",
        "summary": "reporting this vulnerability on their website publicly"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of this vulnerability could allow an unauthorized client to connect to the S+ Operations servers (human machine interface (HMI) network), to act as a legitimate S+ Operations client.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Chemical, Critical Manufacturing, Dams, Energy, Food and Agriculture, Water and Wastewater",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Switzerland",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Do not click web links or open attachments in unsolicited email messages.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "No known public exploits specifically target this vulnerability. This vulnerability is exploitable from an adjacent network. This vulnerability has low attack complexity.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-23-068-03 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-068-03.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-23-068-03 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-068-03"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/ics/Recommended-Practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://cisa.gov/ics"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
      }
    ],
    "title": "ABB Ability Symphony Plus",
    "tracking": {
      "current_release_date": "2023-04-03T13:25:41.249897Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-23-068-03",
      "initial_release_date": "2023-04-03T13:25:41.249897Z",
      "revision_history": [
        {
          "date": "2023-04-03T13:25:41.249897Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "CSAF Creation Date"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "3.3 SP2 (part of SPR1 2023.0)",
                "product": {
                  "name": "S+ Operations: 3.3 SP2 (part of SPR1 2023.0)",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "S+ Operations"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 3.3 SP1 3.x",
                "product": {
                  "name": "S+ Operations: 3.3 SP1 and earlier 3.x versions",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "S+ Operations"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "2.2",
                "product": {
                  "name": "S+ Operations: 2.2",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "S+ Operations"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 2.1 SP2",
                "product": {
                  "name": "S+ Operations: 2.1 SP2 and earlier 2.x versions",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "S+ Operations"
          }
        ],
        "category": "vendor",
        "name": "ABB"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-0228",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An unauthorized client able to connect to the ABB S+ Operations servers (HMI network) can act as a legitimate S+ Operations client, reading any data and changing its configuration, which could result in corruption of data, unauthorized disclosure of information, unexpected operation of equipment or causing the product or system to stop (denial-of-service condition). CVE-2023-0228 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0228"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "ABB advises all users to review their installations to determine if they are using an impacted product as listed above.  End users should immediately apply the mitigations listed below to restrict or prevent an attacker\u2019s ability to compromise these systems.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "S+ Operations 3.3 SP2 (part of SPR2 2023.0): deploy the upcoming update for this version; planned release within Quarter (Q) 3 2023.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "S+ Operations 3.3 SP1 and earlier 3.x versions: deploy the upcoming update for this version; planned release within Q4 2023.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "S+ Operations 2.2: deploy the upcoming update for this version; planned release within Q4 2023.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "S+ Operations 2.1 SP2 and earlier 2.x versions: upgrade the system to version S+ Operations 3.3 with the updates described above to mitigate the issue completely.In addition to the updates above, ABB recommends users follow the mitigating factors as described below:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Follow the ABB\u0027s recommended approach of designing and deploying a secure network for industrial use, ICS Cyber Security Reference Architecture Guide, 8VZZ000368D0066\u2014S+ Operations is not intended to be directly connected to the internet.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://login.microsoftonline.com/372ee9e0-9ce0-4033-a64a-c07073a91ecd/oauth2/v2.0/authorize?client_id=88fb8a86-3cd9-4c2b-b649-f2faf14ca03d\u0026redirect_uri=https%3A%2F%2Fsearch.abb.com%2Fsignin-oidc\u0026response_type=code\u0026scope=openid%20profile%20offline_access%20email\u0026code_challenge=FglMB73hz9BqOPqIMs4az18Zi2lpaX_R3tkDOzFqtdM\u0026code_challenge_method=S256\u0026response_mode=form_post\u0026nonce=638133976753389181.Y2EwY2NlNmMtODM5YS00MDE0LWI5ZGQtNzZjMGYzMjE0YWEyOGNhYjE4MmUtMDY3NC00MWY0LWI4OWYtNGIyNTEyOTgzMTk4\u0026client_info=1\u0026x-client-brkrver=IDWeb.1.25.10.0\u0026state=CfDJ8HNRo0bisw1Kg1fvNdc8yo0oUKgav3Ie8YwdzV3ekmyVTwEsM5HejhskUC_QB9NR5iMTIxMJBlY0JOSIZTBh-e6wWbs0yhecZAKyo0OCXQfZ0gsqf4DIVBpXyJ01xt18NmLh0QipBHLVT42gkLTlrSSvxhA_Ke33x6oPREMARos6H2f0oebUPS1Q6accAX9pUUaXBpgTqfl28Awi4yuEAFv9ZPBQQU9HRa0Ntp-G0yIfTVkQZj7CfN6o3koLgKNxhJwTF-JYAaYZwamSHwQdUhRJ4B0z8eg4-e7CJhW6LbrJdAqye1PnSWHoD_TG7lIXpAQeOsVv2oGyxn6A77gUdSi02GMC0iu0L0UfKX88XdZ09i2qmEgb-9W08kxoweYhP1kUPLrmf-KSnREFcLdWxNhqpNHcq6u4UvAonxHo8ahLo09mEs0U7MUCZSr0CXKrAaMak5FwWr9e3FYBdVD425oWUIP-s_aqQpx0d4oexi0O3IVUH5FSkzs-lETskmqAaTg_1ov3REiDqgS2eLA6fCCwG8qhVP9_e0cAD_eG8ALlnhHjaQDENFeLNFhnG0o6VQ\u0026x-client-SKU=ID_NET6_0\u0026x-client-ver=6.25.1.0"
        },
        {
          "category": "vendor_fix",
          "details": "Enable host authentication and data integrity via IPsec\u2014documented in \u201cSymphony Plus Secure deployment guide for Windows 10 and Server 2016/2019 user manual\u201d, 8VZZ001006T0001\u2014to prevent an attack by an unauthorized client able to connect to the S+ Operations servers (HMI network).",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://login.microsoftonline.com/372ee9e0-9ce0-4033-a64a-c07073a91ecd/oauth2/v2.0/authorize?client_id=88fb8a86-3cd9-4c2b-b649-f2faf14ca03d\u0026redirect_uri=https%3A%2F%2Fsearch.abb.com%2Fsignin-oidc\u0026response_type=code\u0026scope=openid%20profile%20offline_access%20email\u0026code_challenge=xHFVx1KTzW1wBjYPLmEemm194fuffzBWxHAJqA_2BYM\u0026code_challenge_method=S256\u0026response_mode=form_post\u0026nonce=638133977256478765.MTQ1N2Y4NGEtN2YzMS00NGE5LTg1YjItZjZiMTU3OGQxMWJkM2YzY2E5NjctZjY4NC00ZWYyLWE4NDMtOWJmZDM2NmMwYjhl\u0026client_info=1\u0026x-client-brkrver=IDWeb.1.25.10.0\u0026state=CfDJ8HNRo0bisw1Kg1fvNdc8yo2yaN6PUv2jb2yxPdFQO07cizx_dAjHcHUC5j40TI08L6WhxjJBigihEJUKHRNO3eEVJVoBjVTyXNC7_cqfwjr3mCZUc1YEXV7lioDAjNeqcLp5erSJm7LvJ_tBs0AZjtP--S0iuDItWWjbZ6Ldz_8W99jecV_deSwReUk4gS6ySgdskbB5fpz9R1xXlNL94KhxNMII1AKj-ZkAcrtEUkGb3FF-ZDMKtAfvZtIfynzHY5BWGjVPBA8CrxjKZ5RoXdheadkxdAxY2pL14gFVYRbHpC2uIH1J6HNTTNV8s5g4Dcc5L_jrqi7y9fdIOb3D75drI2b6DOX9Vd9VQlkbOELDkWvY0mHwvIFiRyPQAMWPilyzA8c-FOdGBHgIv8Ad_Q8ofiA7ROMSC4S9ba1MdkuI4AtTSGc-xKIg2u0lJKJqIyrVtzQCdCPryTvQYm61EP7jiyWZyTKFoIb2nL82qY-J8N9GucjMWcfGWH-pov_1_oTtGkvCCb8iFbZIrVopM4gRYbJQQHR51hGatXiNgg78bQ0Otsc8k-waUzPlOyazmA\u0026x-client-SKU=ID_NET6_0\u0026x-client-ver=6.25.1.0"
        },
        {
          "category": "vendor_fix",
          "details": "Apply security countermeasures at host-level to mitigate the likelihood of an attack to the S+ Operations client machine, like hardening practices and use of malware prevention solutions\u2014see section \u201cWhat is the scope of the vulnerability?For more information, see ABB\u0027s cybersecurity advisory.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=7PAA006722"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ]
    }
  ]
}

gsd-2023-0228

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Improper Authentication vulnerability in ABB Symphony Plus S+ Operations.This issue affects Symphony Plus S+ Operations: from 2.X through 2.1 SP2, 2.2, from 3.X through 3.3 SP1, 3.3 SP2.

Aliases

CVE-2023-0228

Aliases

CVE-2023-0228

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-0228",
    "id": "GSD-2023-0228"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-0228"
      ],
      "details": "Improper Authentication vulnerability in ABB Symphony Plus S+ Operations.This issue affects Symphony Plus S+ Operations: from 2.X through 2.1 SP2, 2.2, from 3.X through 3.3 SP1, 3.3 SP2.",
      "id": "GSD-2023-0228",
      "modified": "2023-12-13T01:20:22.479262Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cybersecurity@ch.abb.com",
        "ID": "CVE-2023-0228",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Symphony Plus S+ Operations",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c=",
                          "version_name": "2.x",
                          "version_value": "2.1 SP2"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "2.2"
                        },
                        {
                          "version_affected": "\u003c=",
                          "version_name": "3.x",
                          "version_value": "3.3 SP1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "3.3 SP2"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "ABB"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Improper Authentication vulnerability in ABB Symphony Plus S+ Operations.This issue affects Symphony Plus S+ Operations: from 2.X through 2.1 SP2, 2.2, from 3.X through 3.3 SP1, 3.3 SP2."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-287",
                "lang": "eng",
                "value": "CWE-287 Improper Authentication"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://search.abb.com/library/Download.aspx?DocumentID=7PAA006722\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
            "refsource": "MISC",
            "url": "https://search.abb.com/library/Download.aspx?DocumentID=7PAA006722\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:abb:symphony_plus_s\\+_operations:2.1:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:abb:symphony_plus_s\\+_operations:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.1",
                "versionStartIncluding": "2.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:abb:symphony_plus_s\\+_operations:2.1:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:abb:symphony_plus_s\\+_operations:3.3:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:abb:symphony_plus_s\\+_operations:3.3:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:abb:symphony_plus_s\\+_operations:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.3",
                "versionStartIncluding": "3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:abb:symphony_plus_s\\+_operations:3.3:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:abb:symphony_plus_s\\+_operations:2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@ch.abb.com",
          "ID": "CVE-2023-0228"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Improper Authentication vulnerability in ABB Symphony Plus S+ Operations.This issue affects Symphony Plus S+ Operations: from 2.X through 2.1 SP2, 2.2, from 3.X through 3.3 SP1, 3.3 SP2."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://search.abb.com/library/Download.aspx?DocumentID=7PAA006722\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=7PAA006722\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-03-10T05:02Z",
      "publishedDate": "2023-03-02T02:15Z"
    }
  }
}

cve-2023-0228

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature

Action not permitted

cve-2023-0228

Vulnerability from cvelistv5

ghsa-77h3-ghcp-37gm

Vulnerability from github

icsa-23-068-03

Vulnerability from csaf_cisa

gsd-2023-0228

Vulnerability from gsd

Tags

Sightings

Nomenclature