CVE-2024-23784

Summary

Improper access control vulnerability exists in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier, which may allow a network-adjacent unauthenticated attacker to obtain a username and its hashed password displayed on the management page of the affected product.

Affected Software

VendorProductVersion RangeStatus
SHARP CORPORATIONEnergy Management Controller with Cloud ServicesJH-RVB1 Ver.B0.1.9.1 and earlieraffected
SHARP CORPORATIONEnergy Management Controller with Cloud ServicesJH-RV11 Ver.B0.1.9.1 and earlieraffected

Weaknesses

  • Improper access control

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References