CVE-2016-4516

CWE-200 ā€” Information ExposureCWE-122 ā€” Heap-based Buffer Overflow4 documents4 sources
Severity
3.3LOW
EPSS
0.0%
top 85.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
ABB Pcm600
Timeline
PublishedJun 10
Latest updateMay 17

Description

ABB PCM600 before 2.7 improperly stores the main application password after a password change, which allows local users to obtain sensitive information via unspecified vectors.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages1 packages

ā–¶NVDabb/pcm6002.6

šŸ”“Vulnerability Details

2
GHSA
GHSA-3p2g-r477-j4fj: ABB PCM600 before 2ā†—2022-05-17
ā–¶
CVEList
CVE-2016-4516: ABB PCM600 before 2ā†—2016-06-10
ā–¶

šŸ“‹Vendor Advisories

1
Red Hat
jasper: heap buffer overflow in jpc_dec_cp_setfromcox() (rejected duplicate of CVE-2011-4516)ā†—2016-10-17
ā–¶
CVE-2016-4516 (LOW CVSS 3.3) | ABB PCM600 before 2.7 improperly st | cvebase.io