CVE-2024-28020

Summary

A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM application and server management. If exploited a malicious high-privileged user could use the passwords and login information through complex routines to extend access on the server and other services.

Affected Software

VendorProductVersion RangeStatus
Hitachi EnergyFOXMAN-UNFOXMAN-UN R16Baffected
Hitachi EnergyFOXMAN-UNFOXMAN-UN R15Baffected
Hitachi EnergyFOXMAN-UNFOXMAN-UN R16Aaffected
Hitachi EnergyFOXMAN-UNFOXMAN-UN R15Aaffected
Hitachi EnergyUNEMUNEM R16Baffected
Hitachi EnergyUNEMUNEM R15Baffected
Hitachi EnergyUNEMUNEM R16Aaffected
Hitachi EnergyUNEMUNEM R15Aaffected

Weaknesses

  • CWE-286: CWE-286 Incorrect User Management

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References