Vulnerability Details CVE-2017-7906
In ABB IP GATEWAY 3.39 and prior, the web server does not sufficiently verify that a request was performed by the authenticated user, which may allow an attacker to launch a request impersonating that user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.3%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
Products affected by CVE-2017-7906
-
cpe:2.3:h:abb:ip_gateway:-
-
cpe:2.3:o:abb:ip_gateway_firmware:3.39