Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2021-40341
HistoryJan 05, 2023 - 10:15 p.m.

CVE-2021-40341

2023-01-0522:15:08
CWE-326
[email protected]
web.nvd.nist.gov
hitachi energy
foxman-un
unem
des cipher
inadequate encryption
user credentials
sensitive information
cve-2021-40341

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

7.4 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

DES cipher, which has inadequate encryption strength, is used Hitachi Energy FOXMAN-UN to encrypt user credentials used to access the Network Elements. Successful exploitation allows sensitive information to be decrypted easily.Β This issue affects

  • FOXMAN-UN product: FOXMAN-UN R16A, FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B, FOXMAN-UN R11A, FOXMAN-UN R10C, FOXMAN-UN R9C;
  • UNEM product: UNEM R16A, UNEM R15B, UNEM R15A, UNEM R14B, UNEM R14A, UNEM R11B, UNEM R11A, UNEM R10C, UNEM R9C.

List of CPEs:

  • cpe:2.3:a:hitachienergy:foxman-un:R16A:::::::*
  • cpe:2.3:a:hitachienergy:foxman-un:R15B:::::::*
  • cpe:2.3:a:hitachienergy:foxman-un:R15A:::::::*
  • cpe:2.3:a:hitachienergy:foxman-un:R14B:::::::*
  • cpe:2.3:a:hitachienergy:foxman-un:R14A:::::::*
  • cpe:2.3:a:hitachienergy:foxman-un:R11B:::::::*
  • cpe:2.3:a:hitachienergy:foxman-un:R11A:::::::*
  • cpe:2.3:a:hitachienergy:foxman-un:R10C:::::::*
  • cpe:2.3:a:hitachienergy:foxman-un:R9C:::::::*
  • cpe:2.3:a:hitachienergy:unem:R16A:::::::*
  • cpe:2.3:a:hitachienergy:unem:R15B:::::::*
  • cpe:2.3:a:hitachienergy:unem:R15A:::::::*
  • cpe:2.3:a:hitachienergy:unem:R14B:::::::*
  • cpe:2.3:a:hitachienergy:unem:R14A:::::::*
  • cpe:2.3:a:hitachienergy:unem:R11B:::::::*
  • cpe:2.3:a:hitachienergy:unem:R11A:::::::*
  • cpe:2.3:a:hitachienergy:unem:R10C:::::::*
  • cpe:2.3:a:hitachienergy:unem:R9C:::::::*

Affected configurations

NVD
Node
hitachienergyfoxman-unMatchr9c
OR
hitachienergyfoxman-unMatchr10c
OR
hitachienergyfoxman-unMatchr11a
OR
hitachienergyfoxman-unMatchr11b
OR
hitachienergyfoxman-unMatchr14a
OR
hitachienergyfoxman-unMatchr14b
OR
hitachienergyfoxman-unMatchr15a
OR
hitachienergyfoxman-unMatchr15b
OR
hitachienergyfoxman-unMatchr16a
OR
hitachienergyunemMatchr9c
OR
hitachienergyunemMatchr10c
OR
hitachienergyunemMatchr11a
OR
hitachienergyunemMatchr11b
OR
hitachienergyunemMatchr14a
OR
hitachienergyunemMatchr14b
OR
hitachienergyunemMatchr15a
OR
hitachienergyunemMatchr15b
OR
hitachienergyunemMatchr16a

Related

prion 1
cvelist 1
cve 1
ics 2
prion
prion
Code injection
2023-01-05 22:15:00
cvelist
cvelist
CVE-2021-40341 Weak DES encryption
2023-01-05 21:26:42
cve
cve
CVE-2021-40341
2023-01-05 22:15:08
ics
ics
Hitachi Energy FOXMAN-UN
2023-01-05 12:00:00
Hitachi Energy UNEM
2023-01-11 12:00:00

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

7.4 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON
Related for NVD:CVE-2021-40341
prion1cvelist1cve1ics2