CVE-2024-2011 - Vulnerability Details

A heap-based buffer overflow vulnerability exists in the FOXMAN-UN/UNEM that if exploited will generally lead to a denial of service but can be used to execute arbitrary code, which is usually outside the scope of a program's implicit security policy

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hitachienergy	Foxman-un Unem

Configuration 1 [-]

OR	cpe:2.3:a:hitachienergy:foxman-un:r15a:::::::*
	cpe:2.3:a:hitachienergy:foxman-un:r15b:pc4::::::
	cpe:2.3:a:hitachienergy:foxman-un:r16a:::::::*
	cpe:2.3:a:hitachienergy:foxman-un:r16b:pc2::::::
	cpe:2.3:a:hitachienergy:unem:r15a:::::::*
	cpe:2.3:a:hitachienergy:unem:r15b:pc4::::::
	cpe:2.3:a:hitachienergy:unem:r16a:::::::*
	cpe:2.3:a:hitachienergy:unem:r16b:pc2::::::

No data.

References

Link	Providers
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194&languageCode=en&Preview=true
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true

History

Thu, 15 Aug 2024 21:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Hitachienergy Hitachienergy foxman-un Hitachienergy unem
Weaknesses		CWE-787
CPEs		cpe:2.3:a:hitachienergy:foxman-un:r15a:::::::* cpe:2.3:a:hitachienergy:foxman-un:r15b:pc4:::::: cpe:2.3:a:hitachienergy:foxman-un:r16a:::::::* cpe:2.3:a:hitachienergy:foxman-un:r16b:pc2:::::: cpe:2.3:a:hitachienergy:unem:r15a:::::::* cpe:2.3:a:hitachienergy:unem:r15b:pc4:::::: cpe:2.3:a:hitachienergy:unem:r16a:::::::* cpe:2.3:a:hitachienergy:unem:r16b:pc2::::::
Vendors & Products		Hitachienergy Hitachienergy foxman-un Hitachienergy unem

MITRE

Status: PUBLISHED

Assigner: Hitachi Energy

Published: 2024-06-11T13:24:58.764Z

Updated: 2024-08-01T18:56:22.675Z

Reserved: 2024-02-29T13:42:05.971Z

Link: CVE-2024-2011

Vulnrichment

Updated: 2024-08-01T18:56:22.675Z

NVD

Status : Modified

Published: 2024-06-11T14:15:11.050

Modified: 2024-11-21T09:08:48.397

Link: CVE-2024-2011

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object