CVE-2024-28023
5.7
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
Summary
A vulnerability exists in the message queueing mechanism that if exploited can lead to the exposure of resources or functionality to unintended actors, possibly providing attackers with sensitive information or even execute arbitrary code.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Hitachi Energy | FOXMAN-UN | FOXMAN-UN R16B PC2 | affected |
| Hitachi Energy | FOXMAN-UN | FOXMAN-UN R16B PC3 <= FOXMAN-UN R16B PC4 | unaffected |
| Hitachi Energy | FOXMAN-UN | FOXMAN-UN R15B PC4 | affected |
| Hitachi Energy | FOXMAN-UN | FOXMAN-UN R15B PC5 | unaffected |
| Hitachi Energy | UNEM | UNEM R16B PC2 | affected |
| Hitachi Energy | UNEM | UNEM R16B PC3 <= UNEM R16B PC4 | unaffected |
| Hitachi Energy | UNEM | UNEM R15B PC4 | affected |
| Hitachi Energy | UNEM | UNEM R15B PC4 | unaffected |
Weaknesses
- CWE-259: CWE-259 Use of Hard-coded Password
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.