CRITICAL🇵🇱 Wersja polska

CVE-2024-2012

CVSS 9.1v3.1pub. 2024-06-11upd. 2024-11-21

vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway that if exploited an attacker could use to allow unintended commands or code to be executed on the UNEM server allowing sensitive data to be read or modified or could cause other unintended behavior

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  • Hitachienergy Foxman Un

    APP
    Hitachienergy
    r15ar15br16ar16b
  • Hitachienergy Unem

    APP
    Hitachienergy
    r15ar15br16ar16b
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-2013CRITICAL10.0PL ✓ten sam produkt

Authentication bypass w Hitachi Energy FOXMAN-UN/UNEM — pełny dostęp bez uwierzytelnienia

CVE-2024-28021HIGH7.4ten sam produkt

A vulnerability exists in the FOXMAN-UN/UNEM server that affects the message queueing mechanism’s certificate...

CVE-2024-2011HIGH8.6ten sam produkt

A heap-based buffer overflow vulnerability exists in the FOXMAN-UN/UNEM that if exploited will generally lead ...

CVE-2024-28020HIGH8.0ten sam produkt

A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM application and server management. If exploit...

CVE-2022-3927HIGH8.0ten sam produkt

The affected products store both public and private key that are used to sign and protect Custom Parameter Se...