CVE-2021-40339

EPSS 0.38%
Published 28.01.2022 20:15:11
Last modified 21.11.2024 06:23:53
Source cybersecurity@hitachienergy.co
Teams watchlist Login
Open Login

Configuration vulnerability in Hitachi Energy LinkOne application due to the lack of HTTP Headers, allows an attacker that manages to exploit this vulnerability to retrieve sensitive information. This issue affects: Hitachi Energy LinkOne 3.20; 3.22; 3.23; 3.24; 3.25; 3.26.

Affected products Warnungen 0 Metrics 4 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Hitachi ≫ Linkone Version3.20

Hitachi ≫ Linkone Version3.22

Hitachi ≫ Linkone Version3.23

Hitachi ≫ Linkone Version3.24

Hitachi ≫ Linkone Version3.25

Hitachi ≫ Linkone Version3.26

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.38%	0.567

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
cybersecurity@hitachienergy.com	3.7	2.2	1.4	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

https://search.abb.com/library/Download.aspx?DocumentID=8DBD000079&LanguageCode=en&DocumentPartId=&Action=Launch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-40339

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-40339

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-40339

EUVD