How severe is CVE-2017-16731?

CVE-2017-16731 has a CVSS v3 score of 8.8 (HIGH).

CVE-2017-16731

Name: ellipse
Author: hitachienergy

8.8HIGH

An Unprotected Transport of Credentials issue was discovered in ABB Ellipse 8.3 through Ellipse 8.9 released prior to December 2017 (including Ellipse Select). A vulnerability exists in the authentica

Published: 12/20/2017Updated: 4/20/2025

Description

An Unprotected Transport of Credentials issue was discovered in ABB Ellipse 8.3 through Ellipse 8.9 released prior to December 2017 (including Ellipse Select). A vulnerability exists in the authentication of Ellipse to LDAP/AD using the LDAP protocol. An attacker could exploit the vulnerability by sniffing local network traffic, allowing the discovery of authentication credentials.

AI AnalysisPowered by AI

Affected Products

hitachienergyellipse

References

https://ics-cert.us-cert.gov/advisories/ICSA-17-353-01
Third Party AdvisoryUS Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-17-353-01
Third Party AdvisoryUS Government Resource