CVE-2024-2461

Summary

If exploited an attacker could traverse the file system to access files or directories that would otherwise be inaccessible

Affected Software

VendorProductVersion RangeStatus
Hitachi EnergyFOX61x0 <= FOX61x R16B Revision E (cesm3_r16b04_02, cesne_r16b04_02 and f10ne_r16b04_02)affected
Hitachi EnergyFOX61xFOX61x R16B Revision G, version (cesm3_r16b04_07, cesne_r16b04_07, f10ne_r16b04_07)unaffected
Hitachi EnergyFOX61xFOX61x R15Baffected
Hitachi EnergyFOX61xFOX61X R16B Revision G, (cesm3_r16b04_07, cesne_r16b04_07, f10ne_r16b04_07)unaffected
Hitachi EnergyFOX61xFOX61x R16Aaffected
Hitachi EnergyFOX61xFOX61x R15Aaffected
Hitachi EnergyXMC200 <= XMC20 R16B Revision C (cent2_r16b04_02, co5ne_r16b04_02)affected
Hitachi EnergyXMC20XMC20 R16B Revision D, version (cent2_r16b04_07, co5ne_r16b04_07)unaffected
Hitachi EnergyXMC20XMC20 R15Baffected
Hitachi EnergyXMC20XMC20 R16B Revision D, version (cent2_r16b04_07, co5ne_r16b04_07)unaffected
Hitachi EnergyXMC20XMC20 R16Aaffected
Hitachi EnergyXMC20XMC20 R15Aaffected

Weaknesses

  • CWE-23: CWE-23 Relative Path Traversal

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References