Overview
- Description
- Cross-Site Request Forgery (CSRF) vulnerability in ABB Pulsar Plus System Controller NE843_S, ABB Infinity DC Power Plant allows Cross Site Request Forgery.This issue affects Pulsar Plus System Controller NE843_S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C(2) G461(2) – comcode 150047415.
- Source
- cybersecurity@ch.abb.com
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
Social media
- Hype score
- Not currently trending
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:abb:infinity_dc_power_plant:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61279EF7-81F5-4044-9B54-9E263B4A4CBB", "versionEndExcluding": "5.0.0" }, { "criteria": "cpe:2.3:a:abb:ne843_s:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "493D2774-FE8A-4709-A2B0-FA0A95DA3AC3", "versionEndExcluding": "5.0.0" } ], "operator": "OR" } ] } ]