Vulnerabilities > CVE-2024-28022 - Improper Restriction of Excessive Authentication Attempts vulnerability in Hitachienergy Foxman-Un and Unem
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
LOW Summary
A vulnerability exists in the UNEM server / APIGateway that if exploited allows a malicious user to perform an arbitrary number of authentication attempts using different passwords, and eventually gain access to other components in the same security realm using the targeted account.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 8 |
Common Weakness Enumeration (CWE)
References
- https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194&languageCode=en&Preview=true
- https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194&languageCode=en&Preview=true
- https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true
- https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true