CVE-2024-28022

CVSS 6.5 MEDIUMEPSS 0.4%CWE-307

A vulnerability exists in the UNEM server / APIGateway that if exploited allows a malicious user to perform an arbitrary number of authentication attempts using different passwords, and eventually gain access to other components in the same security realm using the targeted account.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

Productos afectados

Hitachi Energy · FOXMAN-UN Hitachi Energy · UNEM

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194&languageCode=en&Preview=true https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true