{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-28023", "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17", "state": "PUBLISHED", "assignerShortName": "Hitachi Energy", "dateReserved": "2024-02-29T13:42:00.746Z", "datePublished": "2024-06-11T13:55:56.127Z", "dateUpdated": "2024-08-02T00:48:47.834Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "FOXMAN-UN", "vendor": "Hitachi Energy", "versions": [{"status": "affected", "version": "FOXMAN-UN R16B PC2"}, {"lessThanOrEqual": "FOXMAN-UN R16B PC4", "status": "unaffected", "version": "FOXMAN-UN R16B PC3", "versionType": "custom"}, {"status": "affected", "version": "FOXMAN-UN R15B PC4"}, {"status": "unaffected", "version": "FOXMAN-UN R15B PC5"}]}, {"defaultStatus": "unaffected", "product": "UNEM", "vendor": "Hitachi Energy", "versions": [{"status": "affected", "version": "UNEM R16B PC2"}, {"lessThanOrEqual": "UNEM R16B PC4", "status": "unaffected", "version": "UNEM R16B PC3", "versionType": "custom"}, {"status": "affected", "version": "UNEM R15B PC4"}, {"status": "unaffected", "version": "UNEM R15B PC4"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A vulnerability exists in the message queueing mechanism that if \nexploited can lead to the exposure of resources or functionality to \nunintended actors, possibly providing attackers with sensitive information or even execute arbitrary code.\n\n\n"}], "value": "A vulnerability exists in the message queueing mechanism that if \nexploited can lead to the exposure of resources or functionality to \nunintended actors, possibly providing attackers with sensitive information or even execute arbitrary code."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-259", "description": "CWE-259 Use of Hard-coded Password", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "e383dce4-0c27-4495-91c4-0db157728d17", "shortName": "Hitachi Energy", "dateUpdated": "2024-06-12T16:05:56.127Z"}, "references": [{"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-11T15:40:34.740767Z", "id": "CVE-2024-28023", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-24T15:15:53.504Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:48:47.834Z"}, "title": "CVE Program Container", "references": [{"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:48:47.834Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-28023", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-11T15:40:34.740767Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-11T15:40:39.996Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Hitachi Energy", "product": "FOXMAN-UN", "versions": [{"status": "affected", "version": "FOXMAN-UN R16B PC2"}, {"status": "unaffected", "version": "FOXMAN-UN R16B PC3", "versionType": "custom", "lessThanOrEqual": "FOXMAN-UN R16B PC4"}, {"status": "affected", "version": "FOXMAN-UN R15B PC4"}, {"status": "unaffected", "version": "FOXMAN-UN R15B PC5"}], "defaultStatus": "unaffected"}, {"vendor": "Hitachi Energy", "product": "UNEM", "versions": [{"status": "affected", "version": "UNEM R16B PC2"}, {"status": "unaffected", "version": "UNEM R16B PC3", "versionType": "custom", "lessThanOrEqual": "UNEM R16B PC4"}, {"status": "affected", "version": "UNEM R15B PC4"}, {"status": "unaffected", "version": "UNEM R15B PC4"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A vulnerability exists in the message queueing mechanism that if \nexploited can lead to the exposure of resources or functionality to \nunintended actors, possibly providing attackers with sensitive information or even execute arbitrary code.", "supportingMedia": [{"type": "text/html", "value": "A vulnerability exists in the message queueing mechanism that if \nexploited can lead to the exposure of resources or functionality to \nunintended actors, possibly providing attackers with sensitive information or even execute arbitrary code.\n\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-259", "description": "CWE-259 Use of Hard-coded Password"}]}], "providerMetadata": {"orgId": "e383dce4-0c27-4495-91c4-0db157728d17", "shortName": "Hitachi Energy", "dateUpdated": "2024-06-12T16:05:56.127Z"}}}, "cveMetadata": {"cveId": "CVE-2024-28023", "state": "PUBLISHED", "dateUpdated": "2024-08-02T00:48:47.834Z", "dateReserved": "2024-02-29T13:42:00.746Z", "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17", "datePublished": "2024-06-11T13:55:56.127Z", "assignerShortName": "Hitachi Energy"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "A vulnerability exists in the message queueing mechanism that if \nexploited can lead to the exposure of resources or functionality to \nunintended actors, possibly providing attackers with sensitive information or even execute arbitrary code."}, {"lang": "es", "value": "Existe una vulnerabilidad en el mecanismo de cola de mensajes que, si se explota, puede provocar la exposici\u00f3n de recursos o funcionalidades a actores no deseados, posiblemente proporcionando a los atacantes informaci\u00f3n confidencial o incluso ejecutar c\u00f3digo arbitrario."}], "id": "CVE-2024-28023", "lastModified": "2024-11-21T09:05:39.807", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.5, "impactScore": 3.7, "source": "cybersecurity@hitachienergy.com", "type": "Secondary"}]}, "published": "2024-06-11T14:15:10.803", "references": [{"source": "cybersecurity@hitachienergy.com", "url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true"}], "sourceIdentifier": "cybersecurity@hitachienergy.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-259"}], "source": "cybersecurity@hitachienergy.com", "type": "Secondary"}]}

{}