Lucene search

Hitachi EnergyCVELIST:CVE-2021-40333

HistoryDec 02, 2021 - 6:29 p.m.

CVE-2021-40333 Weak default credential associated with TCP port 26

2021-12-0218:29:36

CWE-521

Hitachi Energy

www.cve.org

cve-2021-40333

weak password requirements

hitachi energy fox61x

hitachi energy xcm20

unauthorized access

data communication network

dcn routing configuration

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:H

AI Score

9.2

Confidence

High

EPSS

0.001

Percentile

22.7%

JSON

Weak Password Requirements vulnerability in Hitachi Energy FOX61x, XCM20 allows an attacker to gain unauthorized access to the Data Communication Network (DCN) routing configuration. This issue affects: Hitachi Energy FOX61x versions prior to R15A. Hitachi Energy XCM20 versions prior to R15A.

CNA Affected

[
  {
    "product": "FOX61x",
    "vendor": "Hitachi Energy",
    "versions": [
      {
        "lessThan": "R15A",
        "status": "affected",
        "version": "R15A",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "XCM20",
    "vendor": "Hitachi Energy",
    "versions": [
      {
        "lessThan": "R15A",
        "status": "affected",
        "version": "R15A",
        "versionType": "custom"
      }
    ]
  }
]

References

search.abb.com/library/Download.aspx?DocumentID=8DBD000062&LanguageCode=en&DocumentPartId=&Action=Launch

search.abb.com/library/Download.aspx?DocumentID=8DBD000069&LanguageCode=en&DocumentPartId=&Action=Launch

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:H

AI Score

9.2

Confidence

High

EPSS

0.001

Percentile

22.7%

JSON

Related for CVELIST:CVE-2021-40333