{ "id": "CVE-2023-1711", "sourceIdentifier": "cybersecurity@hitachienergy.com", "published": "2023-05-30T19:15:09.753", "lastModified": "2023-06-06T17:30:52.083", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability exists in a FOXMAN-UN and UNEM logging component, it only affects systems that use remote authentication to the network elements. \nIf exploited an attacker could obtain confidential information.\n\n\n\nList of CPEs:\n * cpe:2.3:a:hitachienergy:foxman_un:R9C:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:foxman_un:R10C:*:*:*:*:*:*:*\n\n * cpe:2.3:a:hitachienergy:foxman_un:R11A:*:*:*:*:*:*:*\n\n * cpe:2.3:a:hitachienergy:foxman_un:R11B:*:*:*:*:*:*:*\n\n * cpe:2.3:a:hitachienergy:foxman_un:R14A:*:*:*:*:*:*:*\n\n * cpe:2.3:a:hitachienergy:foxman_un:R14B:*:*:*:*:*:*:*\n\n * cpe:2.3:a:hitachienergy:foxman_un:R15A:*:*:*:*:*:*:*\n\n * cpe:2.3:a:hitachienergy:foxman_un:R15B:*:*:*:*:*:*:*\n\n * cpe:2.3:a:hitachienergy:foxman_un:R16A:*:*:*:*:*:*:*\n\n * \n * cpe:2.3:a:hitachienergy:unem:R9C:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy: unem :R10C:*:*:*:*:*:*:*\n\n * cpe:2.3:a:hitachienergy: unem :R11A:*:*:*:*:*:*:*\n\n * cpe:2.3:a:hitachienergy: unem :R11B:*:*:*:*:*:*:*\n\n * cpe:2.3:a:hitachienergy: unem :R14A:*:*:*:*:*:*:*\n\n * cpe:2.3:a:hitachienergy: unem :R14B:*:*:*:*:*:*:*\n\n * cpe:2.3:a:hitachienergy: unem :R15A:*:*:*:*:*:*:*\n\n * cpe:2.3:a:hitachienergy: unem :R15B:*:*:*:*:*:*:*\n\n * cpe:2.3:a:hitachienergy: unem :R16A:*:*:*:*:*:*:*\n\n\n" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 0.8, "impactScore": 3.6 }, { "source": "cybersecurity@hitachienergy.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "HIGH", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 4.0, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 0.3, "impactScore": 3.6 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-116" } ] }, { "source": "cybersecurity@hitachienergy.com", "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-117" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:hitachienergy:foxman_un:r9c:*:*:*:*:*:*:*", "matchCriteriaId": "DEED4D7C-7B05-4344-8002-2F8FCE77AEC5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitachienergy:foxman_un:r10c:*:*:*:*:*:*:*", "matchCriteriaId": "EFF43981-24F6-482E-8B52-DFFE7A50644B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitachienergy:foxman_un:r11a:*:*:*:*:*:*:*", "matchCriteriaId": "0D867458-BC38-45D5-95A1-0270AD743913" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitachienergy:foxman_un:r11b:*:*:*:*:*:*:*", "matchCriteriaId": "F8C82E8B-578D-4DE2-A92A-D63815E23E54" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitachienergy:foxman_un:r14a:*:*:*:*:*:*:*", "matchCriteriaId": "555C826E-C454-41A8-99D0-81D2097E7382" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitachienergy:foxman_un:r14b:*:*:*:*:*:*:*", "matchCriteriaId": "A9503866-5F47-499D-9C1A-39C668AEE5AA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitachienergy:foxman_un:r15a:*:*:*:*:*:*:*", "matchCriteriaId": "DE718EB5-3F54-4CCB-A34E-5BA0DF87EEF0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitachienergy:foxman_un:r15b:*:*:*:*:*:*:*", "matchCriteriaId": "EB17D0E8-A0AD-4B1B-A92B-110521975AE0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitachienergy:foxman_un:r16a:*:*:*:*:*:*:*", "matchCriteriaId": "3ED924CD-4EBF-453E-BC07-40EB415F2585" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitachienergy:unem:r9c:*:*:*:*:*:*:*", "matchCriteriaId": "8FB66BE3-1031-4315-AF85-309BE3C35D7D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitachienergy:unem:r10c:*:*:*:*:*:*:*", "matchCriteriaId": "F6DF9081-1544-4A69-9D9E-80759289056B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitachienergy:unem:r11a:*:*:*:*:*:*:*", "matchCriteriaId": "C50E14E9-D2BF-4B6C-BF87-C9E4233D3AD0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitachienergy:unem:r11b:*:*:*:*:*:*:*", "matchCriteriaId": "996564C6-8B44-4E89-A353-79B711A3DBBA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitachienergy:unem:r14a:*:*:*:*:*:*:*", "matchCriteriaId": "6AB8CF64-17F7-488D-9763-A1487ECA405D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitachienergy:unem:r14b:*:*:*:*:*:*:*", "matchCriteriaId": "6E96D583-2EBB-4AB2-A473-A0930E3B8D02" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitachienergy:unem:r15a:*:*:*:*:*:*:*", "matchCriteriaId": "E78C9E5B-5876-4F15-A98A-359193287446" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitachienergy:unem:r15b:*:*:*:*:*:*:*", "matchCriteriaId": "C3168F38-7B9E-4F4D-B6D0-1BAFB5FE05F5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:hitachienergy:unem:r16a:*:*:*:*:*:*:*", "matchCriteriaId": "7ABB4A53-07A0-4F9A-824B-A1AC71CCB44E" } ] } ] } ], "references": [ { "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000155&LanguageCode=en&DocumentPartId=&Action=Launch", "source": "cybersecurity@hitachienergy.com", "tags": [ "Vendor Advisory" ] }, { "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000166&LanguageCode=en&DocumentPartId=&Action=Launch", "source": "cybersecurity@hitachienergy.com", "tags": [ "Vendor Advisory" ] } ] }