CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
AI Score
Confidence
Low
EPSS
Percentile
17.7%
A vulnerability exists in the FOXMAN-UN/UNEM server / APIGateway that
if exploited allows a malicious user to perform an arbitrary number
of authentication attempts using different passwords, and
eventually gain access to the targeted account.
Vendor | Product | Version | CPE |
---|---|---|---|
hitachienergy | foxman-un | r15a | cpe:2.3:a:hitachienergy:foxman-un:r15a:*:*:*:*:*:*:* |
hitachienergy | foxman-un | r15b | cpe:2.3:a:hitachienergy:foxman-un:r15b:*:*:*:*:*:*:* |
hitachienergy | foxman-un | r16a | cpe:2.3:a:hitachienergy:foxman-un:r16a:*:*:*:*:*:*:* |
hitachienergy | foxman-un | r16b | cpe:2.3:a:hitachienergy:foxman-un:r16b:*:*:*:*:*:*:* |
hitachienergy | unem | r15a | cpe:2.3:a:hitachienergy:unem:r15a:*:*:*:*:*:*:* |
hitachienergy | unem | r15b | cpe:2.3:a:hitachienergy:unem:r15b:*:*:*:*:*:*:* |
hitachienergy | unem | r16a | cpe:2.3:a:hitachienergy:unem:r16a:*:*:*:*:*:*:* |
hitachienergy | unem | r16b | cpe:2.3:a:hitachienergy:unem:r16b:*:*:*:*:*:*:* |
[
{
"defaultStatus": "unaffected",
"product": "FOXMAN-UN",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "FOXMAN-UN R16B"
},
{
"status": "affected",
"version": "FOXMAN-UN R15B"
},
{
"status": "affected",
"version": "FOXMAN-UN R16A"
},
{
"status": "affected",
"version": "FOXMAN-UN R15A"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNEM",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "UNEM R16B"
},
{
"status": "affected",
"version": "UNEM R15B"
},
{
"status": "affected",
"version": "UNEM 16A"
},
{
"status": "affected",
"version": "UNEM 15A"
}
]
}
]