VYPR
Unrated severityNVD Advisory· Published Feb 17, 2020· Updated Aug 5, 2024

Asset Suite Direct Object Reference Access

CVE-2019-18998

Description

Insufficient access control in the web interface of ABB Asset Suite versions 9.0 to 9.3, 9.4 prior to 9.4.2.6, 9.5 prior to 9.5.3.2 and 9.6.0 enables full access to directly referenced objects. An attacker with knowledge of a resource's URL can access the resource directly.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Range: 9.0 to 9.3, 9.4 < 9.4.2.6, 9.5 < 9.5.3.2, 9.6.0
  • ABB/Asset Suitev5
    Range: 9.0 to 9.3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.