CVE-2024-28020
8
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM application and server management. If exploited a malicious high-privileged user could use the passwords and login information through complex routines to extend access on the server and other services.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Hitachi Energy | FOXMAN-UN | FOXMAN-UN R16B | affected |
| Hitachi Energy | FOXMAN-UN | FOXMAN-UN R15B | affected |
| Hitachi Energy | FOXMAN-UN | FOXMAN-UN R16A | affected |
| Hitachi Energy | FOXMAN-UN | FOXMAN-UN R15A | affected |
| Hitachi Energy | UNEM | UNEM R16B | affected |
| Hitachi Energy | UNEM | UNEM R15B | affected |
| Hitachi Energy | UNEM | UNEM R16A | affected |
| Hitachi Energy | UNEM | UNEM R15A | affected |
Weaknesses
- CWE-286: CWE-286 Incorrect User Management
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
- https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194&languageCode=en&Preview=true
- https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true
References
- https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194&languageCode=en&Preview=true
- https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.