Lucene search

K
cve[email protected]CVE-2024-2011
HistoryJun 11, 2024 - 2:15 p.m.

CVE-2024-2011

2024-06-1114:15:11
CWE-122
web.nvd.nist.gov
24
cve-2024-2011
heap-based buffer overflow
foxman-un/unem
denial of service
arbitrary code execution
security policy

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

8.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

A heap-based buffer overflow vulnerability exists in the FOXMAN-UN/UNEM that
if exploited will generally lead to a denial of service but can be used
to execute arbitrary code, which is usually outside the scope of a
program’s implicit security policy

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "FOXMAN-UN",
    "vendor": "Hitachi Energy",
    "versions": [
      {
        "status": "affected",
        "version": "FOXMAN-UN R16B PC2",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "FOXMAN-UN R16B PC4",
        "status": "unaffected",
        "version": "FOXMAN-UN R16B PC3",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "FOXMAN-UN R15B PC4",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "FOXMAN-UN R16B PC5",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "FOXMAN-UN R16A"
      },
      {
        "status": "affected",
        "version": "FOXMAN-UN R15A"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "UNEM",
    "vendor": "Hitachi Energy",
    "versions": [
      {
        "status": "affected",
        "version": "UNEM R16B PC2",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "UNEM R16B PC4",
        "status": "unaffected",
        "version": "UNEM R16B PC3",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "UNEM R15B PC4",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "UNEM R16B PC5",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "UNEM R16A"
      },
      {
        "status": "affected",
        "version": "UNEM R15A"
      }
    ]
  }
]

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

8.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

Related for CVE-2024-2011