CVE-2021-40333

EPSS 0.2%
Published 02.12.2021 19:15:08
Last modified 21.11.2024 06:23:52
Source cybersecurity@hitachienergy.co
Teams watchlist Login
Open Login

Weak Password Requirements vulnerability in Hitachi Energy FOX61x, XCM20 allows an attacker to gain unauthorized access to the Data Communication Network (DCN) routing configuration. This issue affects: Hitachi Energy FOX61x versions prior to R15A. Hitachi Energy XCM20 versions prior to R15A.

Affected products Warnungen 0 Metrics 4 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Hitachienergy ≫ Fox615 Firmware Version < r15a

Hitachienergy ≫ Fox615 Version-

Hitachienergy ≫ Xcm20 Firmware Version < r15a

Hitachienergy ≫ Xcm20 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.2%	0.388

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.1	2.8	4.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
nvd@nist.gov	5.5	8	4.9	AV:N/AC:L/Au:S/C:P/I:P/A:N
cybersecurity@hitachienergy.com	9	2.3	6	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:H

CWE-521 Weak Password Requirements

The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.

https://search.abb.com/library/Download.aspx?DocumentID=8DBD000062&LanguageCode=en&DocumentPartId=&Action=Launch

Vendor Advisory

https://search.abb.com/library/Download.aspx?DocumentID=8DBD000069&LanguageCode=en&DocumentPartId=&Action=Launch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-40333

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-40333

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-40333

EUVD