This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided.
Insufficient access control in the web interface of ABB Asset Suite versions 9.0 to 9.3, 9.4 prior to 126.96.36.199, 9.5 prior to 188.8.131.52 and 9.6.0 enables full access to directly referenced objects. An attacker with knowledge of a resource's URL can access the resource directly.
CVSS 3.x Severity and Metrics:
CNA: Asea Brown Boveri Ltd. (ABB)
CVSS 2.0 Severity and Metrics: