CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-2621

The McFeeder server (distributed as part of SSW package), is susceptible to an arbitrary file write vulnerability on the MAIN computer system. This vulnerability stems from the use of an outdated version of a third-party library, which is used to extract archives uploaded to McFeeder server. An authenticated malicious client can exploit this vulnerability by uploading a crafted ZIP archive via the network to McFeeder’s service endpoint.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.3%

CVSS Severity

CVSS v3 Score 6.5

References

https://publisher.hitachienergy.com/preview?DocumentId=8DBD000177&languageCode=en&Preview=true
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000177&languageCode=en&Preview=true

Products affected by CVE-2023-2621

Hitachienergy » Modular Advanced Control For Hvdc » Version: 5.0

cpe:2.3:a:hitachienergy:modular_advanced_control_for_hvdc:5.0
Hitachienergy » Modular Advanced Control For Hvdc » Version: 7.10.0.0

cpe:2.3:a:hitachienergy:modular_advanced_control_for_hvdc:7.10.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-2621

Products

Pricing

Contact Us