CVE-2024-2012 - Vulnerability Details

vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway that if exploited an attacker could use to allow unintended commands or code to be executed on the UNEM server allowing sensitive data to be read or modified or could cause other unintended behavior

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hitachienergy	Foxman-un Unem

Configuration 1 [-]

OR	cpe:2.3:a:hitachienergy:foxman-un:r15a:::::::*
	cpe:2.3:a:hitachienergy:foxman-un:r15b:pc4::::::
	cpe:2.3:a:hitachienergy:foxman-un:r16a:::::::*
	cpe:2.3:a:hitachienergy:foxman-un:r16b:pc2::::::
	cpe:2.3:a:hitachienergy:unem:r15a:::::::*
	cpe:2.3:a:hitachienergy:unem:r15b:pc4::::::
	cpe:2.3:a:hitachienergy:unem:r15b:pc5::::::
	cpe:2.3:a:hitachienergy:unem:r16a:::::::*
	cpe:2.3:a:hitachienergy:unem:r16b:pc2::::::

No data.

References

Link	Providers
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true

History

Thu, 15 Aug 2024 21:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Hitachienergy Hitachienergy foxman-un Hitachienergy unem
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:a:hitachienergy:foxman-un:r15a:::::::* cpe:2.3:a:hitachienergy:foxman-un:r15b:pc4:::::: cpe:2.3:a:hitachienergy:foxman-un:r16a:::::::* cpe:2.3:a:hitachienergy:foxman-un:r16b:pc2:::::: cpe:2.3:a:hitachienergy:unem:r15a:::::::* cpe:2.3:a:hitachienergy:unem:r15b:pc4:::::: cpe:2.3:a:hitachienergy:unem:r15b:pc5:::::: cpe:2.3:a:hitachienergy:unem:r16a:::::::* cpe:2.3:a:hitachienergy:unem:r16b:pc2::::::
Vendors & Products		Hitachienergy Hitachienergy foxman-un Hitachienergy unem

MITRE

Status: PUBLISHED

Assigner: Hitachi Energy

Published: 2024-06-11T13:16:29.566Z

Updated: 2024-08-01T18:56:22.575Z

Reserved: 2024-02-29T13:42:06.985Z

Link: CVE-2024-2012

Vulnrichment

Updated: 2024-08-01T18:56:22.575Z

NVD

Status : Modified

Published: 2024-06-11T14:15:11.273

Modified: 2024-11-21T09:08:48.537

Link: CVE-2024-2012

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object