CVE-2022-3928

Опубликовано: 05 янв. 2023

Источник: nvd

CVSS3: 7.1

CVSS3: 5.5

EPSS Низкий

Описание

Hardcoded credential is found in affected products' message queue. An attacker that manages to exploit this vulnerability will be able to access data to the internal message queue.

This issue affects

FOXMAN-UN product: FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B, FOXMAN-UN R11A, FOXMAN-UN R10C, FOXMAN-UN R9C;
UNEM product: UNEM R15B, UNEM R15A, UNEM R14B, UNEM R14A, UNEM R11B, UNEM R11A, UNEM R10C, UNEM R9C.

List of CPEs:

cpe:2.3:a:hitachienergy:foxman-un:R15B:::::::*
cpe:2.3:a:hitachienergy:foxman-un:R15A:::::::*
cpe:2.3:a:hitachienergy:foxman-un:R14B:::::::*
cpe:2.3:a:hitachienergy:foxman-un:R14A:::::::*
cpe:2.3:a:hitachienergy:foxman-un:R11B:::::::*
cpe:2.3:a:hitachienergy:foxman-un:R11A:::::::*
cpe:2.3:a:hitachienergy:foxman-un:R10C:::::::*
cpe:2.3:a:hitachienergy:foxman-un:R9C:::::::*
cpe:2.3:a:hitachienergy:unem:R15B:::::::

Ссылки

https://search.abb.com/library/Download.aspx?DocumentID=8DBD000083&LanguageCode=en&DocumentPartId=&Action=Launch
Mitigation
Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000084&LanguageCode=en&DocumentPartId=&Action=Launch
Mitigation
Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000083&LanguageCode=en&DocumentPartId=&Action=Launch
Mitigation
Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000084&LanguageCode=en&DocumentPartId=&Action=Launch
Mitigation
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hitachienergy:foxman-un:*:*:*:*:*:*:*:*

Версия до r16a (исключая)

cpe:2.3:a:hitachienergy:unem:*:*:*:*:*:*:*:*

Версия до r16a (исключая)

EPSS

Процентиль: 13%

0.00043

Низкий

7.1 High

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-798

Связанные уязвимости

GHSA-vgqf-5fqh-5xqq

CVSS3: 5.5

github

около 3 лет назад

Hardcoded credential is found in affected products' message queue. An attacker that manages to exploit this vulnerability will be able to access data to the internal message queue. This issue affects * FOXMAN-UN product: FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B, FOXMAN-UN R11A, FOXMAN-UN R10C, FOXMAN-UN R9C; * UNEM product: UNEM R15B, UNEM R15A, UNEM R14B, UNEM R14A, UNEM R11B, UNEM R11A, UNEM R10C, UNEM R9C. List of CPEs: * cpe:2.3:a:hitachienergy:foxman-un:R15B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R15A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R14B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R14A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R11B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R11A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R10C:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R9C:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R15B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R15A:*:*:*:*...

EPSS

Процентиль: 13%

0.00043

Низкий

7.1 High

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-798