2 matches found
CVE-2021-35530
A vulnerability in the application authentication and authorization mechanism in Hitachi Energy's TXpert Hub CoreTec 4, that depends on a token validation of the session identifier, allows an unauthorized modified message to be executed in the server enabling an unauthorized actor to change an...
CVE-2021-35530
The CVE-2021-35530 vulnerability affects Hitachi Energy TXpert Hub CoreTec 4, versions 2.0.0 through 2.2.1, in its authentication/authorization flow where session-token validation can be bypassed. This can allow an unauthorized actor to modify a user’s password and gain unauthorized access via th...