Vulnerabilities > Hitachienergy > Unem
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-11 | CVE-2024-28020 | Unspecified vulnerability in Hitachienergy Foxman-Un and Unem A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM application and server management. | 8.0 |
| 2024-06-11 | CVE-2024-28022 | Improper Restriction of Excessive Authentication Attempts vulnerability in Hitachienergy Foxman-Un and Unem A vulnerability exists in the UNEM server / APIGateway that if exploited allows a malicious user to perform an arbitrary number of authentication attempts using different passwords, and eventually gain access to other components in the same security realm using the targeted account. | 6.5 |
| 2024-06-11 | CVE-2024-28024 | Cleartext Storage of Sensitive Information vulnerability in Hitachienergy Foxman-Un and Unem A vulnerability exists in the FOXMAN-UN/UNEM in which sensitive information is stored in cleartext within a resource that might be accessible to another control sphere. | 4.1 |
| 2024-06-11 | CVE-2024-28021 | Improper Certificate Validation vulnerability in Hitachienergy Foxman-Un, Foxman UN and Unem A vulnerability exists in the FOXMAN-UN/UNEM server that affects the message queueing mechanism’s certificate validation. | 7.4 |
| 2024-06-11 | CVE-2024-2011 | Out-of-bounds Write vulnerability in Hitachienergy Foxman-Un and Unem A heap-based buffer overflow vulnerability exists in the FOXMAN-UN/UNEM that if exploited will generally lead to a denial of service but can be used to execute arbitrary code, which is usually outside the scope of a program's implicit security policy | 9.8 |
| 2024-06-11 | CVE-2024-2012 | Unspecified vulnerability in Hitachienergy Foxman-Un and Unem vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway that if exploited an attacker could use to allow unintended commands or code to be executed on the UNEM server allowing sensitive data to be read or modified or could cause other unintended behavior | 9.8 |
| 2024-06-11 | CVE-2024-2013 | Missing Authentication for Critical Function vulnerability in Hitachienergy Foxman-Un and Unem An authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway component that if exploited allows attackers without any access to interact with the services and the post-authentication attack surface. | 10.0 |
| 2023-05-30 | CVE-2023-1711 | Improper Encoding or Escaping of Output vulnerability in Hitachienergy Foxman-Un and Unem A vulnerability exists in a FOXMAN-UN and UNEM logging component, it only affects systems that use remote authentication to the network elements. | 4.4 |
| 2023-01-05 | CVE-2021-40341 | Inadequate Encryption Strength vulnerability in Hitachienergy Foxman-Un and Unem DES cipher, which has inadequate encryption strength, is used Hitachi Energy FOXMAN-UN to encrypt user credentials used to access the Network Elements. | 5.5 |
| 2023-01-05 | CVE-2021-40342 | Improper Authentication vulnerability in Hitachienergy Foxman-Un and Unem In the DES implementation, the affected product versions use a default key for encryption. | 9.8 |