CVE-2024-2462 - OpenCVE

Allow attackers to intercept or falsify data exchanges between the client and the server

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction Active

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact Low

Subsequent System Integrity Impact None

Subsequent System Availability Impact High

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000198&languageCode=en&Preview=true

History

No history.

MITRE

Status: PUBLISHED

Assigner: Hitachi Energy

Published: 2024-06-11T12:48:57.963Z

Updated: 2024-08-01T19:11:53.576Z

Reserved: 2024-03-14T17:09:59.755Z

Link: CVE-2024-2462

Vulnrichment

Updated: 2024-08-01T19:11:53.576Z

NVD

Status : Awaiting Analysis

Published: 2024-06-11T13:15:49.910

Modified: 2024-06-11T13:54:12.057

Link: CVE-2024-2462

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-2462", "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17", "state": "PUBLISHED", "assignerShortName": "Hitachi Energy", "dateReserved": "2024-03-14T17:09:59.755Z", "datePublished": "2024-06-11T12:48:57.963Z", "dateUpdated": "2024-08-01T19:11:53.576Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "FOXMAN-UN", "vendor": "Hitachi Energy", "versions": [{"lessThanOrEqual": "FOXMAN-UN R16B PC2", "status": "affected", "version": "0", "versionType": "custom"}, {"status": "unaffected", "version": "FOXMAN-UN R16B PC3", "versionType": "custom"}, {"lessThanOrEqual": "FOXMAN-UN R15B PC4", "status": "affected", "version": "0", "versionType": "custom"}, {"status": "unaffected", "version": "FOXMAN-UN R15B PC5", "versionType": "custom"}, {"status": "affected", "version": "FOXMAN-UN R16A", "versionType": "custom"}, {"status": "affected", "version": "FOXMAN-UN R15A", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "FOX61x", "vendor": "Hitachi Energy", "versions": [{"lessThan": "FOX61x R16B", "status": "affected", "version": "0", "versionType": "custom"}, {"status": "unaffected", "version": "FOX61x R16B", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "FOXCST", "vendor": "Hitachi Energy", "versions": [{"lessThan": "FOXCST_16.2.1", "status": "affected", "version": "0", "versionType": "custom"}, {"status": "unaffected", "version": "FOXCST_16.2.1", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "UNEM", "vendor": "Hitachi Energy", "versions": [{"lessThanOrEqual": "UNEM R16B PC2", "status": "affected", "version": "0", "versionType": "custom"}, {"status": "unaffected", "version": "UNEM R16B PC3", "versionType": "custom"}, {"lessThanOrEqual": "UNEM R15B PC4", "status": "affected", "version": "0", "versionType": "custom"}, {"status": "unaffected", "version": "UNEM R15B PC5", "versionType": "custom"}, {"status": "affected", "version": "UNEM R16A", "versionType": "custom"}, {"status": "affected", "version": "UNEM R15A", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "XMC20", "vendor": "Hitachi Energy", "versions": [{"status": "affected", "version": "R16B", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "ECST", "vendor": "Hitachi Energy", "versions": [{"status": "affected", "version": "ECST_16.2.1", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Allow attackers to intercept or falsify data exchanges between the client \nand the server\n\n"}], "value": "Allow attackers to intercept or falsify data exchanges between the client \nand the server"}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "PHYSICAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:L/SI:N/SA:H", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-297", "description": "CWE-297 Improper Validation of Certificate with Host Mismatch", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "e383dce4-0c27-4495-91c4-0db157728d17", "shortName": "Hitachi Energy", "dateUpdated": "2024-06-11T12:48:57.963Z"}, "references": [{"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000198&languageCode=en&Preview=true"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "hitachi_energy", "product": "foxman-un", "cpes": ["cpe:2.3:a:hitachi_energy:foxman-un:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "FOXMAN-UN R16B PC2", "versionType": "custom"}, {"version": "FOXMAN-UN R16B PC3", "status": "unaffected"}, {"version": "0", "status": "affected", "lessThanOrEqual": "FOXMAN-UN R15B PC4", "versionType": "custom"}, {"version": "FOXMAN-UN R15B PC5", "status": "unaffected"}, {"version": "FOXMAN-UN R16A", "status": "affected"}, {"version": "FOXMAN-UN R15A", "status": "affected"}]}, {"vendor": "hitachi_energy", "product": "fox61x", "cpes": ["cpe:2.3:a:hitachi_energy:fox61x:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "FOX61x R16B", "versionType": "custom"}, {"version": "FOX61x R16B", "status": "unaffected"}]}, {"vendor": "hitachi_energy", "product": "foxcst", "cpes": ["cpe:2.3:a:hitachi_energy:foxcst:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "FOXCST_16.2.1", "versionType": "custom"}, {"version": "FOXCST_16.2.1", "status": "unaffected"}]}, {"vendor": "hitachi_energy", "product": "unem", "cpes": ["cpe:2.3:a:hitachi_energy:unem:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "UNEM R16B PC2", "versionType": "custom"}, {"version": "UNEM R16B PC3", "status": "unaffected"}, {"version": "0", "status": "affected", "lessThanOrEqual": "UNEM R15B PC4", "versionType": "custom"}, {"version": "UNEM R15B PC5", "status": "unaffected"}, {"version": "UNEM R16A", "status": "affected"}, {"version": "UNEM R15A", "status": "affected"}]}, {"vendor": "hitachi_energy", "product": "xmc20", "cpes": ["cpe:2.3:a:hitachi_energy:xmc20:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "R16B", "status": "affected"}]}, {"vendor": "hitachi_energy", "product": "ecst", "cpes": ["cpe:2.3:a:hitachi_energy:ecst:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "ECST_16.2.1", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-12T18:31:01.584910Z", "id": "CVE-2024-2462", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-12T19:06:16.825Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:11:53.576Z"}, "title": "CVE Program Container", "references": [{"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000198&languageCode=en&Preview=true", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000198&languageCode=en&Preview=true", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:11:53.576Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-2462", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-12T18:31:01.584910Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:hitachi_energy:foxman-un:*:*:*:*:*:*:*:*"], "vendor": "hitachi_energy", "product": "foxman-un", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "FOXMAN-UN R16B PC2"}, {"status": "unaffected", "version": "FOXMAN-UN R16B PC3"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "FOXMAN-UN R15B PC4"}, {"status": "unaffected", "version": "FOXMAN-UN R15B PC5"}, {"status": "affected", "version": "FOXMAN-UN R16A"}, {"status": "affected", "version": "FOXMAN-UN R15A"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:hitachi_energy:fox61x:*:*:*:*:*:*:*:*"], "vendor": "hitachi_energy", "product": "fox61x", "versions": [{"status": "affected", "version": "0", "lessThan": "FOX61x R16B", "versionType": "custom"}, {"status": "unaffected", "version": "FOX61x R16B"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:hitachi_energy:foxcst:*:*:*:*:*:*:*:*"], "vendor": "hitachi_energy", "product": "foxcst", "versions": [{"status": "affected", "version": "0", "lessThan": "FOXCST_16.2.1", "versionType": "custom"}, {"status": "unaffected", "version": "FOXCST_16.2.1"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:hitachi_energy:unem:*:*:*:*:*:*:*:*"], "vendor": "hitachi_energy", "product": "unem", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "UNEM R16B PC2"}, {"status": "unaffected", "version": "UNEM R16B PC3"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "UNEM R15B PC4"}, {"status": "unaffected", "version": "UNEM R15B PC5"}, {"status": "affected", "version": "UNEM R16A"}, {"status": "affected", "version": "UNEM R15A"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:hitachi_energy:xmc20:*:*:*:*:*:*:*:*"], "vendor": "hitachi_energy", "product": "xmc20", "versions": [{"status": "affected", "version": "R16B"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:hitachi_energy:ecst:*:*:*:*:*:*:*:*"], "vendor": "hitachi_energy", "product": "ecst", "versions": [{"status": "affected", "version": "ECST_16.2.1"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-12T18:49:27.982Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.8, "Automatable": "NOT_DEFINED", "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:L/SI:N/SA:H", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Hitachi Energy", "product": "FOXMAN-UN", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "FOXMAN-UN R16B PC2"}, {"status": "unaffected", "version": "FOXMAN-UN R16B PC3", "versionType": "custom"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "FOXMAN-UN R15B PC4"}, {"status": "unaffected", "version": "FOXMAN-UN R15B PC5", "versionType": "custom"}, {"status": "affected", "version": "FOXMAN-UN R16A", "versionType": "custom"}, {"status": "affected", "version": "FOXMAN-UN R15A", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Hitachi Energy", "product": "FOX61x", "versions": [{"status": "affected", "version": "0", "lessThan": "FOX61x R16B", "versionType": "custom"}, {"status": "unaffected", "version": "FOX61x R16B", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Hitachi Energy", "product": "FOXCST", "versions": [{"status": "affected", "version": "0", "lessThan": "FOXCST_16.2.1", "versionType": "custom"}, {"status": "unaffected", "version": "FOXCST_16.2.1", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Hitachi Energy", "product": "UNEM", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "UNEM R16B PC2"}, {"status": "unaffected", "version": "UNEM R16B PC3", "versionType": "custom"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "UNEM R15B PC4"}, {"status": "unaffected", "version": "UNEM R15B PC5", "versionType": "custom"}, {"status": "affected", "version": "UNEM R16A", "versionType": "custom"}, {"status": "affected", "version": "UNEM R15A", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Hitachi Energy", "product": "XMC20", "versions": [{"status": "affected", "version": "R16B", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Hitachi Energy", "product": "ECST", "versions": [{"status": "affected", "version": "ECST_16.2.1", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000198&languageCode=en&Preview=true"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Allow attackers to intercept or falsify data exchanges between the client \nand the server", "supportingMedia": [{"type": "text/html", "value": "Allow attackers to intercept or falsify data exchanges between the client \nand the server\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-297", "description": "CWE-297 Improper Validation of Certificate with Host Mismatch"}]}], "providerMetadata": {"orgId": "e383dce4-0c27-4495-91c4-0db157728d17", "shortName": "Hitachi Energy", "dateUpdated": "2024-06-11T12:48:57.963Z"}}}, "cveMetadata": {"cveId": "CVE-2024-2462", "state": "PUBLISHED", "dateUpdated": "2024-08-01T19:11:53.576Z", "dateReserved": "2024-03-14T17:09:59.755Z", "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17", "datePublished": "2024-06-11T12:48:57.963Z", "assignerShortName": "Hitachi Energy"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Allow attackers to intercept or falsify data exchanges between the client \nand the server"}, {"lang": "es", "value": "Permitir a los atacantes interceptar o falsificar los intercambios de datos entre el cliente y el servidor."}], "id": "CVE-2024-2462", "lastModified": "2024-06-11T13:54:12.057", "metrics": {"cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "PHYSICAL", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "LOW", "subsequentSystemIntegrity": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:L/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "LOW", "vulnerableSystemIntegrity": "NONE"}, "source": "cybersecurity@hitachienergy.com", "type": "Secondary"}]}, "published": "2024-06-11T13:15:49.910", "references": [{"source": "cybersecurity@hitachienergy.com", "url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000198&languageCode=en&Preview=true"}], "sourceIdentifier": "cybersecurity@hitachienergy.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-297"}], "source": "cybersecurity@hitachienergy.com", "type": "Secondary"}]}