Vulnerability Details CVE-2024-28022
A vulnerability exists in the UNEM server / APIGateway that if exploited allows a malicious user to perform an arbitrary number of
authentication attempts using different passwords, and eventually
gain access to other components in the same security realm using
the targeted account.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.5%
CVSS Severity
CVSS v3 Score 6.5
References
- https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194&languageCode=en&Preview=true
- https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true
- https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194&languageCode=en&Preview=true
- https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true
Products affected by CVE-2024-28022
-
cpe:2.3:a:hitachienergy:foxman-un:r15a
-
cpe:2.3:a:hitachienergy:foxman-un:r15b
-
cpe:2.3:a:hitachienergy:foxman-un:r16a
-
cpe:2.3:a:hitachienergy:foxman-un:r16b
-
cpe:2.3:a:hitachienergy:unem:r15a
-
cpe:2.3:a:hitachienergy:unem:r15b
-
cpe:2.3:a:hitachienergy:unem:r16a
-
cpe:2.3:a:hitachienergy:unem:r16b