Vulnerability Details : CVE-2016-4511
ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file.
Exploit prediction scoring system (EPSS) score for CVE-2016-4511
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ % EPSS Score History EPSS FAQ
CVSS scores for CVE-2016-4511
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
1.9
|
LOW | AV:L/AC:M/Au:N/C:P/I:N/A:N |
3.4
|
2.9
|
NIST |
2.8
|
LOW | CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N |
1.3
|
1.4
|
NIST |
CWE ids for CVE-2016-4511
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-4511
-
https://ics-cert.us-cert.gov/advisories/ICSA-16-152-02
ABB PCM600 Vulnerabilities | CISAThird Party Advisory;US Government Resource
Products affected by CVE-2016-4511
- cpe:2.3:a:abb:pcm600:*:*:*:*:*:*:*:*