Unauthorized Access Vulnerability in ABB eSOMS Version 6.0.2 with LDAP Anonymous Authentication

Unauthorized Access Vulnerability in ABB eSOMS Version 6.0.2 with LDAP Anonymous Authentication

CVE-2018-14805 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

ABB eSOMS version 6.0.2 may allow unauthorized access to the system when LDAP is set to allow anonymous authentication, and specific key values within the eSOMS web.config file are present. Both conditions are required to exploit this vulnerability.

Learn more about our Web App Pen Testing.