CVE-2024-47784

CWE-6203 documents3 sources
Severity
2.1LOW
EPSS
0.1%
top 82.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
ABB ANCABB Anc-lABB Anc-mini
Timeline
PublishedApr 30

Description

Unverified Password Change for ANC software that allows an authenticated attacker to bypass the old Password check in the password change form via a web HMI This issue affects ANC software version 1.1.4 and earlier.

CVSS vector

CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Packages3 packages

CVEListV5abb/anc1.1.4
CVEListV5abb/anc-l1.1.4
CVEListV5abb/anc-mini1.1.4

🔴Vulnerability Details

2
CVEList
Unverified Password Change2025-04-30
GHSA
GHSA-cfw8-mqxq-pp4x: Unverified Password Change for ANC software that allows an authenticated attacker to bypass the old Password check in the password change form via a w2025-04-30
CVE-2024-47784 (LOW CVSS 2.1) | Unverified Password Change for ANC | cvebase.io