ABB eSOMS version 6.0.2 may allow unauthorized access to the system when LDAP is set to allow anonymous authentication, and specific key values within the eSOMS web.config file are present. Both conditions are required to exploit this vulnerability.
                
            References
                    | Link | Resource | 
|---|---|
| http://www.securityfocus.com/bid/105169 | Third Party Advisory VDB Entry | 
| https://ics-cert.us-cert.gov/advisories/ICSA-18-240-04 | Third Party Advisory US Government Resource | 
| https://search.abb.com/library/Download.aspx?DocumentID=9AKK107046A5821&LanguageCode=en&DocumentPartId=&Action=Launch | Mitigation Vendor Advisory | 
| http://www.securityfocus.com/bid/105169 | Third Party Advisory VDB Entry | 
| https://ics-cert.us-cert.gov/advisories/ICSA-18-240-04 | Third Party Advisory US Government Resource | 
| https://search.abb.com/library/Download.aspx?DocumentID=9AKK107046A5821&LanguageCode=en&DocumentPartId=&Action=Launch | Mitigation Vendor Advisory | 
Configurations
                    History
                    No history.
Information
                Published : 2018-08-29 16:29
Updated : 2024-11-21 03:49
NVD link : CVE-2018-14805
Mitre link : CVE-2018-14805
CVE.ORG link : CVE-2018-14805
JSON object : View
Products Affected
                hitachienergy
- esoms
CWE
                
                    
                        
                        CWE-287
                        
            Improper Authentication
