CVE-2021-40333

EPSS 0.2%
Veröffentlicht 02.12.2021 19:15:08
Zuletzt bearbeitet 21.11.2024 06:23:52
Quelle cybersecurity@hitachienergy.co
CVE-Watchlists
Login
Unerledigt
Login

Weak default credential associated with TCP port 26

Weak Password Requirements vulnerability in Hitachi Energy FOX61x, XCM20 allows an attacker to gain unauthorized access to the Data Communication Network (DCN) routing configuration. This issue affects: Hitachi Energy FOX61x versions prior to R15A. Hitachi Energy XCM20 versions prior to R15A.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 5

NVD 2 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hitachienergy ≫ Fox615 Firmware Version < r15a

Hitachienergy ≫ Fox615 Version-

Hitachienergy ≫ Xcm20 Firmware Version < r15a

Hitachienergy ≫ Xcm20 Version-

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.2%	0.388

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.1	2.8	4.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
nvd@nist.gov	5.5	8	4.9	AV:N/AC:L/Au:S/C:P/I:P/A:N
cybersecurity@hitachienergy.com	9	2.3	6	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:H

CWE-521 Weak Password Requirements

The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.

https://search.abb.com/library/Download.aspx?DocumentID=8DBD000062&LanguageCode=en&DocumentPartId=&Action=Launch

Vendor Advisory

https://search.abb.com/library/Download.aspx?DocumentID=8DBD000069&LanguageCode=en&DocumentPartId=&Action=Launch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-40333

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-40333

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-40333

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2021-40333