CVE-2022-34836

CWE-23CWE-22Path Traversal3 documents3 sources
Severity
8.2HIGH
EPSS
0.5%
top 32.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
ABB ABB ZenonABB Zenon
Timeline
PublishedAug 24
Latest updateAug 25

Description

Relative Path Traversal vulnerability in ABB Zenon 8.20 allows the user to access files on the Zenon system and user also can add own log messages and e.g., flood the log entries. An attacker who successfully exploit the vulnerability could access the Zenon runtime activities such as the start and stop of various activity and the last error code etc.

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:NExploitability: 1.6 | Impact: 4.2

Affected Packages2 packages

NVDabb/zenon8.20
CVEListV5abb/abb_zenonunspecified8.20

🔴Vulnerability Details

2
GHSA
GHSA-6xw9-67rg-3fpv: Relative Path Traversal vulnerability in ABB Zenon 82022-08-25
CVEList
ABB Ability TM Operations Data Management Zenon Zenon Log Server file access control2022-08-24
CVE-2022-34836 (HIGH CVSS 8.2) | Relative Path Traversal vulnerabili | cvebase.io