6.7
CVE-2021-22278
- EPSS 0.02%
- Published 28.10.2021 13:15:08
- Last modified 21.11.2024 05:49:50
- Source cybersecurity@ch.abb.com
- Teams watchlist Login
- Open Login
A certificate validation vulnerability in PCM600 Update Manager allows attacker to get unwanted software packages to be installed on computer which has PCM600 installed.
Data is provided by the National Vulnerability Database (NVD)
Abb ≫ Update Manager Version2.1
Abb ≫ Update Manager Version2.1.0.4
Abb ≫ Update Manager Version2.2
Abb ≫ Update Manager Version2.2.0.1
Abb ≫ Update Manager Version2.2.0.2
Abb ≫ Update Manager Version2.2.0.23
Abb ≫ Update Manager Version2.3.0.60
Abb ≫ Update Manager Version2.4.20041.1
Abb ≫ Update Manager Version2.4.20119.2
Abb ≫ Update Manager Version >= 2.7 <= 2.10
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
Type | Source | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 0.02% | 0.026 |
Source | Base Score | Exploit Score | Impact Score | Vector string |
---|---|---|---|---|
nvd@nist.gov | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
nvd@nist.gov | 4.6 | 3.9 | 6.4 |
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
cybersecurity@ch.abb.com | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
|
CWE-295 Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.