16 matches found
CVE-2021-40338
Hitachi Energy LinkOne product, has a vulnerability due to a web server misconfiguration, that enables debug mode and reveals the full path of the filesystem directory when an attacker generates errors during a query operation. This issue affects: Hitachi Energy LinkOne 3.20; 3.22; 3.23; 3.24;...
CVE-2021-40340
Information Exposure vulnerability in Hitachi Energy LinkOne application, due to a misconfiguration in the ASP server exposes server and ASP.net information, an attacker that manages to exploit this vulnerability can use the exposed information as a reconnaissance for further exploitation. This...
CVE-2021-40339
Configuration vulnerability in Hitachi Energy LinkOne application due to the lack of HTTP Headers, allows an attacker that manages to exploit this vulnerability to retrieve sensitive information. This issue affects: Hitachi Energy LinkOne 3.20; 3.22; 3.23; 3.24; 3.25; 3.26...
CVE-2021-40339
Configuration vulnerability in Hitachi Energy LinkOne application due to the lack of HTTP Headers, allows an attacker that manages to exploit this vulnerability to retrieve sensitive information. This issue affects: Hitachi Energy LinkOne 3.20; 3.22; 3.23; 3.24; 3.25; 3.26...
Path traversal
Hitachi Energy LinkOne product, has a vulnerability due to a web server misconfiguration, that enables debug mode and reveals the full path of the filesystem directory when an attacker generates errors during a query operation. This issue affects: Hitachi Energy LinkOne 3.20; 3.22; 3.23; 3.24;...
Design/Logic Flaw
Configuration vulnerability in Hitachi Energy LinkOne application due to the lack of HTTP Headers, allows an attacker that manages to exploit this vulnerability to retrieve sensitive information. This issue affects: Hitachi Energy LinkOne 3.20; 3.22; 3.23; 3.24; 3.25; 3.26...
Information disclosure
Information Exposure vulnerability in Hitachi Energy LinkOne application, due to a misconfiguration in the ASP server exposes server and ASP.net information, an attacker that manages to exploit this vulnerability can use the exposed information as a reconnaissance for further exploitation. This...
CVE-2021-40340
Hitachi Energy LinkOne WebView (v3.20–v3.26) exhibits an Information Exposure vulnerability (CVE-2021-40340) caused by ASP server misconfiguration that reveals server and ASP.NET details. Exploitation can enable reconnaissance for further attacks; impact is limited to information disclosure rathe...
CVE-2021-40339
Hitachi Energy LinkOne (WebView) is affected by CVE-2021-40339 due to a misconfiguration: the application lacks HTTP headers, enabling an attacker to retrieve sensitive information. Affected versions are LinkOne WebView 3.20, 3.22, 3.23, 3.24, 3.25, and 3.26. The CVE entry describes a configurati...
Hitachi Energy LinkOne 授权问题漏洞
Hitachi Energy LinkOne is an enterprise graphical parts catalog and content delivery solution from Hitachi Energy, Switzerland. It is used to publish, view and find spare parts for complex equipment and assemblies. A security vulnerability exists in Hitachi Energy LinkOne, which stems from a web...
Hitachi Energy LinkOne 信息泄露漏洞
Hitachi Energy LinkOne is an enterprise graphical parts catalog and content delivery solution from Hitachi Energy, Switzerland. It is used to publish, view and locate spare parts for complex equipment and assemblies. A security vulnerability exists in Hitachi Energy LinkOne, which arises from a...
CVE-2021-40337
Cross-site Scripting XSS vulnerability in Hitachi Energy LinkOne allows an attacker that manages to exploit the vulnerability can take advantage to exploit multiple web attacks and stole sensitive information. This issue affects: Hitachi Energy LinkOne 3.20; 3.22; 3.23; 3.24; 3.25; 3.26...
Cross site scripting
Cross-site Scripting XSS vulnerability in Hitachi Energy LinkOne allows an attacker that manages to exploit the vulnerability can take advantage to exploit multiple web attacks and stole sensitive information. This issue affects: Hitachi Energy LinkOne 3.20; 3.22; 3.23; 3.24; 3.25; 3.26...
CVE-2021-40337
Affected product/variant: Hitachi Energy LinkOne WebView (versions 3.20, 3.22, 3.23, 3.24, 3.25, 3.26). Vulnerability: Cross-site Scripting (XSS) due to improper neutralization of input during web page generation (CWE-79). Impact (as stated): Multiple web attacks and theft of sensitive informatio...
CVE-2021-40337 OWASP Related Vulnerabilities in Hitachi Energy’s LinkOne Product
Cross-site Scripting XSS vulnerability in Hitachi Energy LinkOne allows an attacker that manages to exploit the vulnerability can take advantage to exploit multiple web attacks and stole sensitive information. This issue affects: Hitachi Energy LinkOne 3.20; 3.22; 3.23; 3.24; 3.25; 3.26...
Hitachi Energy LinkOne 跨站脚本漏洞
Hitachi Energy LinkOne is an enterprise graphical parts catalog and content delivery solution from Hitachi Energy, Switzerland. It is used to publish, view and locate spare parts for complex equipment and assemblies. A cross-site scripting vulnerability exists in Hitachi Energy LinkOne, which ste...