Unrated severityNVD Advisory· Published May 22, 2023· Updated Jan 21, 2025

QCS 800xA Vulnerability identified in system log files

CVE-2022-0010

Description

Insertion of Sensitive Information into Log File vulnerability in ABB QCS 800xA, ABB QCS AC450, ABB Platform Engineering Tools.

An attacker, who already has local access to the QCS nodes, could successfully obtain the password for a system user account. Using this information, the attacker could have the potential to exploit this vulnerability to gain control of system nodes.

This issue affects QCS 800xA: from 1.0;0 through 6.1SP2; QCS AC450: from 1.0;0 through 5.1SP2; Platform Engineering Tools: from 1.0:0 through 2.3.0.

Affected products

Abb/QCS 800xAllm-create2 versions
>=1.0.0 <=6.1SP2+ 1 more
- (no CPE)range: >=1.0.0 <=6.1SP2
- (no CPE)range: 1.0;0
Abb/QCS AC450llm-create2 versions
>=1.0.0 <=5.1SP2+ 1 more
- (no CPE)range: >=1.0.0 <=5.1SP2
- (no CPE)range: 1.0;0
Abb/Platform Engineering Toolsllm-create2 versions
>=1.0.0 <=2.3.0+ 1 more
- (no CPE)range: >=1.0.0 <=2.3.0
- (no CPE)range: 1.0:0

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000

QCS 800xA Vulnerability identified in system log files

Description

Affected products

Patches

Vulnerability mechanics

References

News mentions