Vulnerabilities > Hitachienergy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-01 | CVE-2023-5514 | Information Exposure Through an Error Message vulnerability in Hitachienergy Esoms The response messages received from the eSOMS report generation using certain parameter queries with full file path can be abused for enumerating the local file system structure. | 5.3 |
| 2023-11-01 | CVE-2023-5515 | Unspecified vulnerability in Hitachienergy Esoms The responses for web queries with certain parameters disclose internal path of resources. | 5.3 |
| 2023-11-01 | CVE-2023-5516 | Unspecified vulnerability in Hitachienergy Esoms Poorly constructed webap requests and URI components with special characters trigger unhandled errors and exceptions, disclosing information about the underlying technology and other sensitive information details. | 5.3 |
| 2023-09-11 | CVE-2023-4816 | Improper Authentication vulnerability in Hitachienergy Asset Suite A vulnerability exists in the Equipment Tag Out authentication, when configured with Single Sign-On (SSO) with password validation in T214. | 8.8 |
| 2023-07-26 | CVE-2022-2502 | Improper Input Validation vulnerability in Hitachienergy Rtu500 Firmware A vulnerability exists in the HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. | 7.5 |
| 2023-07-26 | CVE-2022-4608 | Out-of-bounds Write vulnerability in Hitachienergy Rtu500 Firmware A vulnerability exists in HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. | 7.5 |
| 2023-05-30 | CVE-2023-1711 | Improper Encoding or Escaping of Output vulnerability in Hitachienergy Foxman UN and Unem A vulnerability exists in a FOXMAN-UN and UNEM logging component, it only affects systems that use remote authentication to the network elements. | 4.4 |
| 2023-03-28 | CVE-2022-3685 | Unspecified vulnerability in Hitachienergy Sdm600 A vulnerability exists in the SDM600 software. | 7.2 |
| 2023-03-28 | CVE-2022-3683 | Unspecified vulnerability in Hitachienergy Sdm600 A vulnerability exists in the SDM600 API web services authorization validation implementation. | 7.5 |
| 2023-03-28 | CVE-2022-3684 | Improper Resource Shutdown or Release vulnerability in Hitachienergy Sdm600 A vulnerability exists in a SDM600 endpoint. An attacker could exploit this vulnerability by running multiple parallel requests, the SDM600 web services become busy rendering the application unresponsive. This issue affects: All SDM600 versions prior to version 1.2 FP3 HF4 (Build Nr. | 7.5 |