Vulnerability Details CVE-2021-27414
An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for the Ellipse application and gather authentication credentials.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.1%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
- https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A7777&LanguageCode=en&DocumentPartId=&Action=Launch
- https://www.cisa.gov/uscert/ics/advisories/icsa-21-061-01
- https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A7777&LanguageCode=en&DocumentPartId=&Action=Launch
- https://www.cisa.gov/uscert/ics/advisories/icsa-21-061-01
Products affected by CVE-2021-27414
-
cpe:2.3:a:hitachienergy:ellipse_enterprise_asset_management:-
-
cpe:2.3:a:hitachienergy:ellipse_enterprise_asset_management:9.0.22