CVE-2018-14805

CVE-2018-14805

Vendor Ics-Cert
Product ABB eSOMS
Weakness CWE-287 · Improper authentication
Published August 29, 2018
Last update September 17, 2024

CVSS base score

What the vulnerability does

01Description

ABB eSOMS version 6.0.2 may allow unauthorized access to the system when LDAP is set to allow anonymous authentication, and specific key values within the eSOMS web.config file are present. Both conditions are required to exploit this vulnerability.

Key dates

02Disclosure timeline

August 29, 2018 CVE published
September 17, 2024 Record updated