CVE-2023-1258

CVSS V2 None CVSS V3 None
Description
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ABB Flow-X firmware on Flow-X embedded hardware (web service modules) allows Footprinting.This issue affects Flow-X: before 4.0.
Overview
  • CVE ID
  • CVE-2023-1258
  • Assigner
  • cybersecurity@ch.abb.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-03-31T08:15:06
  • Last Modified Date
  • 2023-04-06T18:24:37
Weakness Enumerations
CWE URL
CWE-200 http://cwe.mitre.org/data/definitions/200.html
CWE-200 http://cwe.mitre.org/data/definitions/200.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:abb:flow-x\/m_firmware:*:*:*:*:*:*:*:* 1 OR 3.2.6
cpe:2.3:h:abb:flow-x\/m:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:abb:flow-x\/c_firmware:*:*:*:*:*:*:*:* 1 OR 3.2.6
cpe:2.3:h:abb:flow-x\/c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:abb:flow-x\/k_firmware:*:*:*:*:*:*:*:* 1 OR 3.2.6
cpe:2.3:h:abb:flow-x\/k:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:abb:flow-x\/s_firmware:*:*:*:*:*:*:*:* 1 OR 3.2.6
cpe:2.3:h:abb:flow-x\/s:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:abb:flow-x\/p_firmware:*:*:*:*:*:*:*:* 1 OR 3.2.6
cpe:2.3:h:abb:flow-x\/p:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:abb:flow-x_r_firmware:*:*:*:*:*:*:*:* 1 OR 3.2.6
cpe:2.3:h:abb:flow-x_r:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:abb:flow-x\/t_firmware:*:*:*:*:*:*:*:* 1 OR 3.2.6
cpe:2.3:h:abb:flow-x\/t:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:abb:flow-x\/web_firmware:*:*:*:*:*:*:*:* 1 OR 3.2.6
cpe:2.3:h:abb:flow-x\/web:-:*:*:*:*:*:*:* 0 OR
References
Reference URL Reference Tags
https://search.abb.com/library/Download.aspx?DocumentID=9AKK108467A9754&LanguageCode=en&DocumentPartId=&Action=Launch Vendor Advisory
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2023-1258
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1258
History
Created Old Value New Value Data Type Notes
2023-04-17 03:57:11 Added to TrackCVE
2023-04-17 03:57:13 Weakness Enumeration new