CVE-2023-49106

EPSS 0.08%
Veröffentlicht 16.01.2024 01:15:34
Zuletzt bearbeitet 21.11.2024 08:32:50
Quelle hirt@hitachi.co.jp
CVE-Watchlists
Login
Unerledigt
Login

Missing Password Field Masking Vulnerability in Hitachi Device Manager

Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent component).This issue affects Hitachi Device Manager: before 8.8.5-04.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 4

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hitachi ≫ Device Manager Version < 8.8.5-04

Linux ≫ Linux Kernel Version-
Microsoft ≫ Windows Version-

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.08%	0.235

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
hirt@hitachi.co.jp	4.6	0.9	3.6	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-522 Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

CWE-549 Missing Password Field Masking

The product does not mask passwords during entry, increasing the potential for attackers to observe and capture passwords.

https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-101/index.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-49106

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-49106

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-49106

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-49106