CVE-2024-28020 - OpenCVE

A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM application and server management. If exploited a malicious user could use the passwords and login information to extend access on the server and other services.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hitachienergy	Foxman Un Unem

Configuration 1 [-]

OR	cpe:2.3:a:hitachienergy:foxman_un:r15a:::::::*
	cpe:2.3:a:hitachienergy:foxman_un:r15b:::::::*
	cpe:2.3:a:hitachienergy:foxman_un:r16a:::::::*
	cpe:2.3:a:hitachienergy:foxman_un:r16b:::::::*
	cpe:2.3:a:hitachienergy:unem:r15a:::::::*
	cpe:2.3:a:hitachienergy:unem:r15b:::::::*
	cpe:2.3:a:hitachienergy:unem:r16a:::::::*
	cpe:2.3:a:hitachienergy:unem:r16b:::::::*

No data.

References

Link	Providers
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194&languageCode=en&Preview=true
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true

History

Thu, 15 Aug 2024 22:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Hitachienergy Hitachienergy foxman Un Hitachienergy unem
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:a:hitachienergy:foxman_un:r15a:::::::* cpe:2.3:a:hitachienergy:foxman_un:r15b:::::::* cpe:2.3:a:hitachienergy:foxman_un:r16a:::::::* cpe:2.3:a:hitachienergy:foxman_un:r16b:::::::* cpe:2.3:a:hitachienergy:unem:r15a:::::::* cpe:2.3:a:hitachienergy:unem:r15b:::::::* cpe:2.3:a:hitachienergy:unem:r16a:::::::* cpe:2.3:a:hitachienergy:unem:r16b:::::::*
Vendors & Products		Hitachienergy Hitachienergy foxman Un Hitachienergy unem

MITRE

Status: PUBLISHED

Assigner: Hitachi Energy

Published: 2024-06-11T18:20:35.573Z

Updated: 2024-08-02T00:48:47.637Z

Reserved: 2024-02-29T13:42:00.745Z

Link: CVE-2024-28020

Vulnrichment

Updated: 2024-08-02T00:48:47.637Z

NVD

Status : Undergoing Analysis

Published: 2024-06-11T19:16:05.787

Modified: 2024-08-15T21:32:33.467

Link: CVE-2024-28020

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object