CVE-2022-1607: Cross Site Scripting vulnerability in NE843 Pulsar Plus Controller
First published: Fri Feb 24 2023(Updated: )
Cross-Site Request Forgery (CSRF) vulnerability in ABB Pulsar Plus System Controller NE843_S, ABB Infinity DC Power Plant allows Cross Site Request Forgery.This issue affects Pulsar Plus System Controller NE843_S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C(2) G461(2) – comcode 150047415.
Credit: cybersecurity@ch.abb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ABB Infinity DC Power Plant | <5.0.0 | |
| Abb Ne843 S | <5.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this security issue?
The vulnerability ID for this security issue is CVE-2022-1607.
What is the severity of CVE-2022-1607?
The severity of CVE-2022-1607 is high with a score of 8.8.
Which software versions are affected by CVE-2022-1607?
The affected software versions are ABB Infinity DC Power Plant up to version 5.0.0 and Abb Ne843 S up to version 5.0.0.
What is Cross-Site Request Forgery (CSRF) vulnerability?
Cross-Site Request Forgery (CSRF) vulnerability is a type of security vulnerability where an attacker tricks a victim into performing unwanted actions on a web application.
How can I fix CVE-2022-1607?
To fix CVE-2022-1607, it is recommended to apply the latest patches and updates provided by ABB for the affected software versions.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/severity
- agent/title
- agent/description
- agent/event
- agent/tags
- agent/first-publish-date
- vendor/abb
- canonical/abb infinity dc power plant
- canonical/abb ne843 s