CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
19.7%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
The product allows user input to control or influence paths or file
names that are used in filesystem operations, allowing the attacker to access or modify system files or other files that are
critical to the application.
[
{
"cpes": [
"cpe:2.3:a:hitachienergy:microscada_sys600:10.0:*:*:*:*:*:*:*"
],
"vendor": "hitachienergy",
"product": "microscada_sys600",
"versions": [
{
"status": "affected",
"version": "10.0",
"versionType": "custom",
"lessThanOrEqual": "10.5"
}
],
"defaultStatus": "unknown"
}
]
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
19.7%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total