Assigner | Hitachi Energy |
Reserved | 2024-02-29 |
Published | 2024-06-11 |
Updated | 2024-06-12 |
Description
A vulnerability exists in the FOXMAN-UN/UNEM server / APIGateway that if exploited allows a malicious user to perform an arbitrary number of authentication attempts using different passwords, and eventually gain access to the targeted account.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L |
Problem types
CWE-307 Improper Restriction of Excessive Authentication Attempts
Product status
FOXMAN-UN R16B
FOXMAN-UN R15B
FOXMAN-UN R16A
FOXMAN-UN R15A
UNEM R16B
UNEM R15B
UNEM 16A
UNEM 15A
References
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194&languageCode=en&Preview=true
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true