Hitachi EnergyCVELIST:CVE-2021-40341CVE-2021-40341 Weak DES encryption
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
6.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.0%
DES cipher, which has inadequate encryption strength, is used Hitachi Energy FOXMAN-UN to encrypt user credentials used to access the Network Elements. Successful exploitation allows sensitive information to be decrypted easily.Β This issue affects
- FOXMAN-UN product: FOXMAN-UN R16A, FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B, FOXMAN-UN R11A, FOXMAN-UN R10C, FOXMAN-UN R9C;
- UNEM product: UNEM R16A, UNEM R15B, UNEM R15A, UNEM R14B, UNEM R14A, UNEM R11B, UNEM R11A, UNEM R10C, UNEM R9C.
List of CPEs:
- cpe:2.3:a:hitachienergy:foxman-un:R16A:::::::*
- cpe:2.3:a:hitachienergy:foxman-un:R15B:::::::*
- cpe:2.3:a:hitachienergy:foxman-un:R15A:::::::*
- cpe:2.3:a:hitachienergy:foxman-un:R14B:::::::*
- cpe:2.3:a:hitachienergy:foxman-un:R14A:::::::*
- cpe:2.3:a:hitachienergy:foxman-un:R11B:::::::*
- cpe:2.3:a:hitachienergy:foxman-un:R11A:::::::*
- cpe:2.3:a:hitachienergy:foxman-un:R10C:::::::*
- cpe:2.3:a:hitachienergy:foxman-un:R9C:::::::*
- cpe:2.3:a:hitachienergy:unem:R16A:::::::*
- cpe:2.3:a:hitachienergy:unem:R15B:::::::*
- cpe:2.3:a:hitachienergy:unem:R15A:::::::*
- cpe:2.3:a:hitachienergy:unem:R14B:::::::*
- cpe:2.3:a:hitachienergy:unem:R14A:::::::*
- cpe:2.3:a:hitachienergy:unem:R11B:::::::*
- cpe:2.3:a:hitachienergy:unem:R11A:::::::*
- cpe:2.3:a:hitachienergy:unem:R10C:::::::*
- cpe:2.3:a:hitachienergy:unem:R9C:::::::*
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "FOXMAN-UN",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "FOXMAN-UN R16A"
},
{
"status": "affected",
"version": "FOXMAN-UN R15B"
},
{
"status": "affected",
"version": "FOXMAN-UN R15A"
},
{
"status": "affected",
"version": "FOXMAN-UN R14B"
},
{
"status": "affected",
"version": "FOXMAN-UN R14A"
},
{
"status": "affected",
"version": "FOXMAN-UN R11B"
},
{
"status": "affected",
"version": "FOXMAN-UN R11A"
},
{
"status": "affected",
"version": "FOXMAN-UN R10C"
},
{
"status": "affected",
"version": "FOXMAN-UN R9C"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNEM",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "UNEM R16A"
},
{
"status": "affected",
"version": "UNEM R15B"
},
{
"status": "affected",
"version": "UNEM R15A"
},
{
"status": "affected",
"version": "UNEM R14B"
},
{
"status": "affected",
"version": "UNEM R14A"
},
{
"status": "affected",
"version": "UNEM R11B"
},
{
"status": "affected",
"version": "UNEM R11A"
},
{
"status": "affected",
"version": "UNEM R10C"
},
{
"status": "affected",
"version": "UNEM R9C"
}
]
}
]Related
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
6.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.0%