Vulnerabilities > CVE-2023-5516 - Unspecified vulnerability in Hitachienergy Esoms

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

hitachienergy

NVD

Published: 2023-11-01

Updated: 2023-11-08

Summary

Poorly constructed webap requests and URI components with special characters trigger unhandled errors and exceptions, disclosing information about the underlying technology and other sensitive information details. The website unintentionally reveals sensitive information including technical details like version Info, endpoints, backend server, Internal IP. etc., which can potentially expose additional attack surface containing other interesting vulnerabilities.

Vulnerable Configurations

Part	Description	Count
Application	Hitachienergy Hitachienergy Esoms - Hitachienergy Esoms 3.9 Hitachienergy Esoms 4.0 Hitachienergy Esoms 6.0 Hitachienergy Esoms 6.0.2 Hitachienergy Esoms 6.0.3 Hitachienergy Esoms 6.0.4 Hitachienergy Esoms 6.0.4.2.2 Hitachienergy Esoms 6.1 Hitachienergy Esoms 6.1.4 Hitachienergy Esoms 6.3 Hitachienergy Esoms 6.3.1 Hitachienergy Esoms 6.3.13	13

References

https://publisher.hitachienergy.com/preview?DocumentId=8DBD000175&languageCode=en&Preview=true