CVE-2021-40334 - OpenCVE

Missing Handler vulnerability in the proprietary management protocol (port TCP 5558) of Hitachi Energy FOX61x, XCM20 allows an attacker that exploits the vulnerability by activating SSH on port TCP 5558 to cause disruption to the NMS and NE communication. This issue affects: Hitachi Energy FOX61x versions prior to R15A. Hitachi Energy XCM20 versions prior to R15A.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hitachienergy	Fox615 Fox615 Firmware Xcm20 Xcm20 Firmware

Configuration 1 [-]

AND

cpe:2.3:h:hitachienergy:fox615:-:*:*:*:*:*:*:*

cpe:2.3:o:hitachienergy:fox615_firmware:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:h:hitachienergy:xcm20:-:*:*:*:*:*:*:*

cpe:2.3:o:hitachienergy:xcm20_firmware:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000062&LanguageCode=en&DocumentPartId=&Action=Launch
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000069&LanguageCode=en&DocumentPartId=&Action=Launch

History

Mon, 16 Sep 2024 23:15:00 +0000

Type	Values Removed	Values Added
Title	SSH activation problem in the proprietary management protocol (port TCP 5558)	SSH activation problem in the proprietary management protocol (port TCP 5558)

MITRE

Status: PUBLISHED

Assigner: Hitachi Energy

Published: 2021-12-02T18:28:18.525907Z

Updated: 2024-09-16T23:11:57.958Z

Reserved: 2021-08-31T00:00:00

Link: CVE-2021-40334

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-12-02T19:15:08.413

Modified: 2021-12-08T17:15:04.157

Link: CVE-2021-40334

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "FOX61x", "vendor": "Hitachi Energy", "versions": [{"lessThan": "R15A", "status": "affected", "version": "R15A", "versionType": "custom"}]}, {"product": "XCM20", "vendor": "Hitachi Energy", "versions": [{"lessThan": "R15A", "status": "affected", "version": "R15A", "versionType": "custom"}]}], "datePublic": "2021-11-23T00:00:00", "descriptions": [{"lang": "en", "value": "Missing Handler vulnerability in the proprietary management protocol (port TCP 5558) of Hitachi Energy FOX61x, XCM20 allows an attacker that exploits the vulnerability by activating SSH on port TCP 5558 to cause disruption to the NMS and NE communication. This issue affects: Hitachi Energy FOX61x versions prior to R15A. Hitachi Energy XCM20 versions prior to R15A."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-431", "description": "CWE-431 Missing Handler", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-12-02T18:28:18", "orgId": "e383dce4-0c27-4495-91c4-0db157728d17", "shortName": "Hitachi Energy"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000062&LanguageCode=en&DocumentPartId=&Action=Launch"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000069&LanguageCode=en&DocumentPartId=&Action=Launch"}], "solutions": [{"lang": "en", "value": "Fixed in FOX61x R15A or XMC20 R15A"}], "source": {"discovery": "UNKNOWN"}, "title": "SSH activation problem in the proprietary management protocol (port TCP 5558)", "workarounds": [{"lang": "en", "value": "Recommended security practices and firewall configurations help protecting systems from attacks that originate from outside the network. Such practices include that network management systems and FOX61x or XMC20 networks are typically physically protected from direct access by unauthorized personnel and have no direct connections to the Internet, as well as are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that have to be evaluated case by case. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cybersecurity@hitachienergy.com", "DATE_PUBLIC": "2021-11-23T11:00:00.000Z", "ID": "CVE-2021-40334", "STATE": "PUBLIC", "TITLE": "SSH activation problem in the proprietary management protocol (port TCP 5558)"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "FOX61x", "version": {"version_data": [{"version_affected": "<", "version_name": "R15A", "version_value": "R15A"}]}}, {"product_name": "XCM20", "version": {"version_data": [{"version_affected": "<", "version_name": "R15A", "version_value": "R15A"}]}}]}, "vendor_name": "Hitachi Energy"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Missing Handler vulnerability in the proprietary management protocol (port TCP 5558) of Hitachi Energy FOX61x, XCM20 allows an attacker that exploits the vulnerability by activating SSH on port TCP 5558 to cause disruption to the NMS and NE communication. This issue affects: Hitachi Energy FOX61x versions prior to R15A. Hitachi Energy XCM20 versions prior to R15A."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-431 Missing Handler"}]}]}, "references": {"reference_data": [{"name": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000062&LanguageCode=en&DocumentPartId=&Action=Launch", "refsource": "CONFIRM", "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000062&LanguageCode=en&DocumentPartId=&Action=Launch"}, {"name": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000069&LanguageCode=en&DocumentPartId=&Action=Launch", "refsource": "CONFIRM", "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000069&LanguageCode=en&DocumentPartId=&Action=Launch"}]}, "solution": [{"lang": "en", "value": "Fixed in FOX61x R15A or XMC20 R15A"}], "source": {"discovery": "UNKNOWN"}, "work_around": [{"lang": "en", "value": "Recommended security practices and firewall configurations help protecting systems from attacks that originate from outside the network. Such practices include that network management systems and FOX61x or XMC20 networks are typically physically protected from direct access by unauthorized personnel and have no direct connections to the Internet, as well as are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that have to be evaluated case by case. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T02:27:31.884Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000062&LanguageCode=en&DocumentPartId=&Action=Launch"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000069&LanguageCode=en&DocumentPartId=&Action=Launch"}]}]}, "cveMetadata": {"assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17", "assignerShortName": "Hitachi Energy", "cveId": "CVE-2021-40334", "datePublished": "2021-12-02T18:28:18.525907Z", "dateReserved": "2021-08-31T00:00:00", "dateUpdated": "2024-09-16T23:11:57.958Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:hitachienergy:fox615:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B82C2DB-DBDB-42F1-AB11-AE52A9F22D3E", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:hitachienergy:fox615_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CE81A477-A997-40A8-967C-37214CDF355A", "versionEndExcluding": "r15a", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:hitachienergy:xcm20:-:*:*:*:*:*:*:*", "matchCriteriaId": "7DCEDF0E-CC13-4366-A88C-15651D68CDF6", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:hitachienergy:xcm20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8C51C90A-1888-4C9E-9D7C-DACF71931A73", "versionEndExcluding": "r15a", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Missing Handler vulnerability in the proprietary management protocol (port TCP 5558) of Hitachi Energy FOX61x, XCM20 allows an attacker that exploits the vulnerability by activating SSH on port TCP 5558 to cause disruption to the NMS and NE communication. This issue affects: Hitachi Energy FOX61x versions prior to R15A. Hitachi Energy XCM20 versions prior to R15A."}, {"lang": "es", "value": "Una vulnerabilidad de Manejo Faltante en el protocolo de administraci\u00f3n propietario (puerto TCP 5558) de Hitachi Energy FOX61x, XCM20 permite que un atacante que explote la vulnerabilidad al activar SSH en el puerto TCP 5558 para causar una interrupci\u00f3n en la comunicaci\u00f3n del NMS y NE. Este problema afecta a: Hitachi Energy FOX61x versiones anteriores a la R15A. Hitachi Energy XCM20 versiones anteriores a la R15A"}], "id": "CVE-2021-40334", "lastModified": "2021-12-08T17:15:04.157", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "cybersecurity@hitachienergy.com", "type": "Secondary"}]}, "published": "2021-12-02T19:15:08.413", "references": [{"source": "cybersecurity@hitachienergy.com", "tags": ["Vendor Advisory"], "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000062&LanguageCode=en&DocumentPartId=&Action=Launch"}, {"source": "cybersecurity@hitachienergy.com", "tags": ["Vendor Advisory"], "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000069&LanguageCode=en&DocumentPartId=&Action=Launch"}], "sourceIdentifier": "cybersecurity@hitachienergy.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-431"}], "source": "cybersecurity@hitachienergy.com", "type": "Secondary"}]}