cpe:/o:abb:vsn300_firmware:1.8.15 cpe:/o:abb:vsn300_for_react_firmware:2.1.3 CVE-2017-7920 2017-08-07T04:29:00.243-04:00 2019-10-09T19:29:58.187-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BID 99558 MISC http://search.abb.com/library/Download.aspx?DocumentID=9AKK107045A1977&LanguageCode=en&DocumentPartId=&Action=Launch MISC https://ics-cert.us-cert.gov/advisories/ICSA-17-192-03 An Improper Authentication issue was discovered in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for React versions 2.1.3 and prior. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access internal information about status and connected devices without authenticating.