Vulnerability Description
Sensitive Cookie Without 'HttpOnly' Flag vulnerability in ABB REX640 PCL1 (firmware modules), ABB REX640 PCL2 (Firmware modules), ABB REX640 PCL3 (firmware modules) allows Cross-Site Scripting (XSS).This issue affects REX640 PCL1: from 1.0;0 before 1.0.8; REX640 PCL2: from 1.0;0 before 1.1.4; REX640 PCL3: from 1.0;0 before 1.2.1.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Abb | Rex640 Pcl1 Firmware | >= 1.0.0, < 1.0.8 |
| Abb | Rex640 Pcl1 | - |
| Abb | Rex640 Pcl2 Firmware | >= 1.0.0, < 1.1.4 |
| Abb | Rex640 Pcl2 | - |
| Abb | Rex640 Pcl3 Firmware | >= 1.0.0, < 1.2.1 |
| Abb | Rex640 Pcl3 | - |
Related Weaknesses (CWE)
References
- https://search.abb.com/library/Download.aspx?DocumentID=2NGA001423&LanguageCode=Vendor Advisory
- https://search.abb.com/library/Download.aspx?DocumentID=2NGA001423&LanguageCode=Vendor Advisory
FAQ
What is CVE-2023-2876?
CVE-2023-2876 is a vulnerability with a CVSS score of 3.1 (LOW). Sensitive Cookie Without 'HttpOnly' Flag vulnerability in ABB REX640 PCL1 (firmware modules), ABB REX640 PCL2 (Firmware modules), ABB REX640 PCL3 (firmware modules) allows Cross-Site Scripting (XSS).T...
How severe is CVE-2023-2876?
CVE-2023-2876 has been rated LOW with a CVSS base score of 3.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-2876?
Check the references section above for vendor advisories and patch information. Affected products include: Abb Rex640 Pcl1 Firmware, Abb Rex640 Pcl1, Abb Rex640 Pcl2 Firmware, Abb Rex640 Pcl2, Abb Rex640 Pcl3 Firmware.