Headline
ABB Cylon Aspect 3.08.02 (logYumLookup.php) Authenticated File Disclosure
The ABB BMS/BAS controller suffers from an unauthenticated log information disclosure vulnerability. An unauthorized attacker can reference the affected page and disclose the webserver’s log file containing system information running on the device.