Описание
A vulnerability exists in the UNEM server / APIGateway that if exploited allows a malicious user to perform an arbitrary number of authentication attempts using different passwords, and eventually gain access to other components in the same security realm using the targeted account.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:hitachienergy:foxman-un:r15a:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:foxman-un:r15b:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:foxman-un:r16a:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:foxman-un:r16b:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r15a:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r15b:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r16a:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r16b:*:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.00117
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-307
CWE-307
Связанные уязвимости
CVSS3: 6.5
github
больше 1 года назад
A vulnerability exists in the FOXMAN-UN/UNEM server / APIGateway that if exploited allows a malicious user to perform an arbitrary number of authentication attempts using different passwords, and eventually gain access to the targeted account.
EPSS
Процентиль: 31%
0.00117
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-307
CWE-307