CVE-2018-14805
First published: Tue Aug 28 2018(Updated: )
ABB eSOMS version 6.0.2 may allow unauthorized access to the system when LDAP is set to allow anonymous authentication, and specific key values within the eSOMS web.config file are present. Both conditions are required to exploit this vulnerability.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hitachienergy Esoms | =6.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-14805?
CVE-2018-14805 is a vulnerability in ABB eSOMS version 6.0.2 that may allow unauthorized access to the system when LDAP is set to allow anonymous authentication.
How severe is CVE-2018-14805?
CVE-2018-14805 has a severity rating of 9.8, which is considered critical.
How can CVE-2018-14805 be exploited?
To exploit CVE-2018-14805, both the LDAP must be set to allow anonymous authentication and specific key values within the eSOMS web.config file must be present.
Which software versions are affected by CVE-2018-14805?
ABB eSOMS version 6.0.2 is affected by CVE-2018-14805.
How can I fix CVE-2018-14805?
To fix CVE-2018-14805, it is recommended to update ABB eSOMS to a version that addresses this vulnerability and properly configure LDAP authentication.
- collector/nvd-index
- agent/severity
- agent/references
- agent/tags
- agent/event
- agent/weakness
- agent/author
- agent/description
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/hitachienergy
- canonical/hitachienergy esoms
- version/hitachienergy esoms/6.0.2