Vulnerability Description
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ABB Flow-X firmware on Flow-X embedded hardware (web service modules) allows Footprinting.This issue affects Flow-X: before 4.0.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Abb | Flow-X\/M Firmware | <= 3.2.6 |
| Abb | Flow-X\/M | - |
| Abb | Flow-X\/C Firmware | <= 3.2.6 |
| Abb | Flow-X\/C | - |
| Abb | Flow-X\/K Firmware | <= 3.2.6 |
| Abb | Flow-X\/K | - |
| Abb | Flow-X\/S Firmware | <= 3.2.6 |
| Abb | Flow-X\/S | - |
| Abb | Flow-X\/P Firmware | <= 3.2.6 |
| Abb | Flow-X\/P | - |
| Abb | Flow-X R Firmware | <= 3.2.6 |
| Abb | Flow-X R | - |
| Abb | Flow-X\/T Firmware | <= 3.2.6 |
| Abb | Flow-X\/T | - |
| Abb | Flow-X\/Web Firmware | <= 3.2.6 |
| Abb | Flow-X\/Web | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/173610/ABB-FlowX-4.00-Information-DisclosurExploitThird Party AdvisoryVDB Entry
- https://search.abb.com/library/Download.aspx?DocumentID=9AKK108467A9754&LanguageVendor Advisory
- http://packetstormsecurity.com/files/173610/ABB-FlowX-4.00-Information-DisclosurExploitThird Party AdvisoryVDB Entry
- https://search.abb.com/library/Download.aspx?DocumentID=9AKK108467A9754&LanguageVendor Advisory
FAQ
What is CVE-2023-1258?
CVE-2023-1258 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ABB Flow-X firmware on Flow-X embedded hardware (web service modules) allows Footprinting.This issue affects Flow-X: before ...
How severe is CVE-2023-1258?
CVE-2023-1258 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-1258?
Check the references section above for vendor advisories and patch information. Affected products include: Abb Flow-X\/M Firmware, Abb Flow-X\/M, Abb Flow-X\/C Firmware, Abb Flow-X\/C, Abb Flow-X\/K Firmware.