Lucene search
Hitachi EnergyCVELIST:CVE-2023-5769HistoryDec 14, 2023 - 4:19 p.m.
CVE-2023-5769
2023-12-1416:19:51
Hitachi Energy
www.cve.org
vulnerability
rtu500
webserver
cross-site scripting
user input
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
0.0005 Low
EPSS
Percentile
17.1%
A vulnerability exists in the webserver that affects the
RTU500 series product versions listed below. A malicious
actor could perform cross-site scripting on the webserver
due to user input being improperly sanitized.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "RTU500",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "RTU500 series CMU Firmware version 12.0.1 – 12.0.14"
},
{
"status": "affected",
"version": "RTU500 series CMU Firmware version 12.2.1 – 12.2.11"
},
{
"status": "affected",
"version": "RTU500 series CMU Firmware version 12.4.1 – 12.4.11"
},
{
"status": "affected",
"version": "RTU500 series CMU Firmware version 12.6.1 – 12.6.9 "
},
{
"status": "affected",
"version": "RTU500 series CMU Firmware version 12.7.1 – 12.7.6"
},
{
"status": "affected",
"version": "RTU500 series CMU Firmware version 13.2.1 – 13.2.6 "
},
{
"status": "affected",
"version": "RTU500 series CMU Firmware version 13.4.1 – 13.4.3 "
}
]
}
]Related
nessus
nessus
ABB RTU500 Series Cross-site Scripting (CVE-2023-5769)
2023-12-19 00:00:00
prion
prion
Cross site scripting
2023-12-14 17:15:00
nvd
nvd
CVE-2023-5769
2023-12-14 17:15:09
cve
cve
CVE-2023-5769
2023-12-14 17:15:09
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
0.0005 Low
EPSS
Percentile
17.1%
Related for CVELIST:CVE-2023-5769