A vulnerability exists in the webserver that affects the
RTU500 series product versions listed below. A malicious
actor could perform cross-site scripting on the webserver
due to an RDT language file being improperly sanitized.
References
Link | Resource |
---|---|
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000176&languageCode=en&Preview=true | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
History
07 Dec 2023, 17:54
Type | Values Removed | Values Added |
---|---|---|
First Time |
Hitachienergy rtu530
Hitachienergy rtu560 Hitachienergy rtu540 Hitachienergy rtu520 Firmware Hitachienergy rtu540 Firmware Hitachienergy rtu560 Firmware Hitachienergy Hitachienergy rtu530 Firmware Hitachienergy rtu520 |
|
References | () https://publisher.hitachienergy.com/preview?DocumentId=8DBD000176&languageCode=en&Preview=true - Vendor Advisory | |
CPE | cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hitachienergy:rtu520:-:*:*:*:*:*:*:* cpe:2.3:h:hitachienergy:rtu560:-:*:*:*:*:*:*:* cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hitachienergy:rtu530:-:*:*:*:*:*:*:* cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hitachienergy:rtu540:-:*:*:*:*:*:*:* cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
CWE | CWE-79 |
04 Dec 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-04 15:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-5767
Mitre link : CVE-2023-5767
CVE.ORG link : CVE-2023-5767
JSON object : View
Products Affected
hitachienergy
- rtu540_firmware
- rtu540
- rtu530
- rtu520
- rtu530_firmware
- rtu520_firmware
- rtu560_firmware
- rtu560
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')