CVE-2024-2377

Summary

A vulnerability exists in the too permissive HTTP response header web server settings of the SDM600. An attacker can take advantage of this and possibly carry out privileged actions and access sensitive information.

Affected Software

VendorProductVersion RangeStatus
Hitachi EnergySDM6000 < 1.3.4affected
Hitachi EnergySDM6001.3.4.572unaffected

Weaknesses

  • CWE-346: CWE-346 Origin Validation Error

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References