CVE-2023-1711

EPSS 0.09%
Veröffentlicht 30.05.2023 19:15:09
Zuletzt bearbeitet 21.11.2024 07:39:44
Quelle cybersecurity@hitachienergy.co
CVE-Watchlists
Login
Unerledigt
Login

A vulnerability exists in a FOXMAN-UN and UNEM logging component, it only affects systems that use remote authentication to the network elements. 
If exploited an attacker could obtain confidential information.



List of CPEs:
  *  cpe:2.3:a:hitachienergy:foxman_un:R9C:*:*:*:*:*:*:*
  *  cpe:2.3:a:hitachienergy:foxman_un:R10C:*:*:*:*:*:*:*

  *  cpe:2.3:a:hitachienergy:foxman_un:R11A:*:*:*:*:*:*:*

  *  cpe:2.3:a:hitachienergy:foxman_un:R11B:*:*:*:*:*:*:*

  *  cpe:2.3:a:hitachienergy:foxman_un:R14A:*:*:*:*:*:*:*

  *  cpe:2.3:a:hitachienergy:foxman_un:R14B:*:*:*:*:*:*:*

  *  cpe:2.3:a:hitachienergy:foxman_un:R15A:*:*:*:*:*:*:*

  *  cpe:2.3:a:hitachienergy:foxman_un:R15B:*:*:*:*:*:*:*

  *  cpe:2.3:a:hitachienergy:foxman_un:R16A:*:*:*:*:*:*:*

  *  
  *  cpe:2.3:a:hitachienergy:unem:R9C:*:*:*:*:*:*:*
  *  cpe:2.3:a:hitachienergy: unem :R10C:*:*:*:*:*:*:*

  *  cpe:2.3:a:hitachienergy: unem :R11A:*:*:*:*:*:*:*

  *  cpe:2.3:a:hitachienergy: unem :R11B:*:*:*:*:*:*:*

  *  cpe:2.3:a:hitachienergy: unem :R14A:*:*:*:*:*:*:*

  *  cpe:2.3:a:hitachienergy: unem :R14B:*:*:*:*:*:*:*

  *  cpe:2.3:a:hitachienergy: unem :R15A:*:*:*:*:*:*:*

  *  cpe:2.3:a:hitachienergy: unem :R15B:*:*:*:*:*:*:*

  *  cpe:2.3:a:hitachienergy: unem :R16A:*:*:*:*:*:*:*

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hitachienergy ≫ Foxman-un Versionr9c

Hitachienergy ≫ Foxman-un Versionr10c

Hitachienergy ≫ Foxman-un Versionr11a

Hitachienergy ≫ Foxman-un Versionr11b

Hitachienergy ≫ Foxman-un Versionr14a

Hitachienergy ≫ Foxman-un Versionr14b

Hitachienergy ≫ Foxman-un Versionr15a

Hitachienergy ≫ Foxman-un Versionr15b

Hitachienergy ≫ Foxman-un Versionr16a

Hitachienergy ≫ Unem Versionr9c

Hitachienergy ≫ Unem Versionr10c

Hitachienergy ≫ Unem Versionr11a

Hitachienergy ≫ Unem Versionr11b

Hitachienergy ≫ Unem Versionr14a

Hitachienergy ≫ Unem Versionr14b

Hitachienergy ≫ Unem Versionr15a

Hitachienergy ≫ Unem Versionr15b

Hitachienergy ≫ Unem Versionr16a

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.09%	0.26

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.4	0.8	3.6	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
cybersecurity@hitachienergy.com	4	0.3	3.6	CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N

CWE-116 Improper Encoding or Escaping of Output

The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.

CWE-117 Improper Output Neutralization for Logs

The product does not neutralize or incorrectly neutralizes output that is written to logs.

https://search.abb.com/library/Download.aspx?DocumentID=8DBD000155&LanguageCode=en&DocumentPartId=&Action=Launch

Vendor Advisory

https://search.abb.com/library/Download.aspx?DocumentID=8DBD000166&LanguageCode=en&DocumentPartId=&Action=Launch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-1711

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-1711

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-1711

EUVD