Lucene search

Hitachi EnergyCVELIST:CVE-2021-40338

HistoryDec 23, 2021 - 12:00 a.m.

CVE-2021-40338 OWASP Related Vulnerabilities in Hitachi Energy’s LinkOne Product

2021-12-2300:00:00

Hitachi Energy

www.cve.org

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

5.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.3%

JSON

Hitachi Energy LinkOne product, has a vulnerability due to a web server misconfiguration, that enables debug mode and reveals the full path of the filesystem directory when an attacker generates errors during a query operation. This issue affects: Hitachi Energy LinkOne 3.20; 3.22; 3.23; 3.24; 3.25; 3.26.

References

search.abb.com/library/Download.aspx?DocumentID=8DBD000079&LanguageCode=en&DocumentPartId=&Action=Launch

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

5.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.3%

JSON

Related for CVELIST:CVE-2021-40338