Skip to main content

Insufficiently Protected Credentials

CVE-2022-34838

Severity High
Score 8.4/10

Summary

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. Once such engineering data is used the data visualization will be altered for the end user.

  • LOW
  • LOCAL
  • HIGH
  • CHANGED
  • NONE
  • LOW
  • HIGH
  • NONE

CWE-522 - Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

References

Advisory Timeline

  • Published