CVE-2023-1711
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N
Summary
A vulnerability exists in a FOXMAN-UN and UNEM logging component, it only affects systems that use remote authentication to the network elements. If exploited an attacker could obtain confidential information.
List of CPEs:
cpe:2.3:a:hitachienergy:foxman_un:R9C:::::::*
cpe:2.3:a:hitachienergy:foxman_un:R10C:::::::*
cpe:2.3:a:hitachienergy:foxman_un:R11A:::::::*
cpe:2.3:a:hitachienergy:foxman_un:R11B:::::::*
cpe:2.3:a:hitachienergy:foxman_un:R14A:::::::*
cpe:2.3:a:hitachienergy:foxman_un:R14B:::::::*
cpe:2.3:a:hitachienergy:foxman_un:R15A:::::::*
cpe:2.3:a:hitachienergy:foxman_un:R15B:::::::*
cpe:2.3:a:hitachienergy:foxman_un:R16A:::::::*
cpe:2.3:a:hitachienergy:unem:R9C:::::::*
cpe:2.3:a:hitachienergy: unem :R10C:::::::*
cpe:2.3:a:hitachienergy: unem :R11A:::::::*
cpe:2.3:a:hitachienergy: unem :R11B:::::::*
cpe:2.3:a:hitachienergy: unem :R14A:::::::*
cpe:2.3:a:hitachienergy: unem :R14B:::::::*
cpe:2.3:a:hitachienergy: unem :R15A:::::::*
cpe:2.3:a:hitachienergy: unem :R15B:::::::*
cpe:2.3:a:hitachienergy: unem :R16A:::::::*
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Hitachi Energy | FOXMAN-UN | FOXMAN-UN R16A | affected |
| Hitachi Energy | FOXMAN-UN | FOXMAN-UN R15B | affected |
| Hitachi Energy | FOXMAN-UN | FOXMAN-UN R15A | affected |
| Hitachi Energy | FOXMAN-UN | FOXMAN-UN R14B | affected |
| Hitachi Energy | FOXMAN-UN | FOXMAN-UN R14A | affected |
| Hitachi Energy | FOXMAN-UN | FOXMAN-UN R11B | affected |
| Hitachi Energy | FOXMAN-UN | FOXMAN-UN R11A | affected |
| Hitachi Energy | FOXMAN-UN | FOXMAN-UN R10C | affected |
| Hitachi Energy | FOXMAN-UN | FOXMAN-UN R9C | affected |
| Hitachi Energy | UNEM | UNEM R16A | affected |
| Hitachi Energy | UNEM | UNEM R15B | affected |
| Hitachi Energy | UNEM | UNEM R15A | affected |
| Hitachi Energy | UNEM | UNEM R14B | affected |
| Hitachi Energy | UNEM | UNEM R14A | affected |
| Hitachi Energy | UNEM | UNEM R11B | affected |
| Hitachi Energy | UNEM | UNEM R11A | affected |
| Hitachi Energy | UNEM | UNEM R10C | affected |
| Hitachi Energy | UNEM | UNEM R9C | affected |
Weaknesses
- CWE-117: CWE-117
Workarounds
Apply mitigation as described in the cybersecurity advisory Mitigation Factors/Workarounds Section.
ADP Enrichment
CVE Program Container
Additional References
- https://search.abb.com/library/Download.aspx?DocumentID=8DBD000155&LanguageCode=en&DocumentPartId=&Action=Launch
- https://search.abb.com/library/Download.aspx?DocumentID=8DBD000166&LanguageCode=en&DocumentPartId=&Action=Launch
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://search.abb.com/library/Download.aspx?DocumentID=8DBD000155&LanguageCode=en&DocumentPartId=&Action=Launch
- https://search.abb.com/library/Download.aspx?DocumentID=8DBD000166&LanguageCode=en&DocumentPartId=&Action=Launch
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.