CVE-2024-2012

vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway that if exploited an attacker could use to allow unintended commands or code to be executed on the UNEM server allowing sensitive data to be read or modified or could cause other unintended behavior
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:hitachienergy:foxman-un:r15a:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:foxman-un:r15b:pc4:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:foxman-un:r16a:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:foxman-un:r16b:pc2:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r15a:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r15b:pc4:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r15b:pc5:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r16a:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r16b:pc2:*:*:*:*:*:*

History

15 Aug 2024, 21:19

Type Values Removed Values Added
First Time Hitachienergy unem
Hitachienergy
Hitachienergy foxman-un
CWE NVD-CWE-noinfo
References () https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true - () https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true - Vendor Advisory
CPE cpe:2.3:a:hitachienergy:foxman-un:r16b:pc2:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r16b:pc2:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r15b:pc4:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:foxman-un:r16a:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:foxman-un:r15a:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r16a:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r15a:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:foxman-un:r15b:pc4:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r15b:pc5:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 9.1
v2 : unknown
v3 : 9.8

13 Jun 2024, 18:36

Type Values Removed Values Added
Summary
  • (es) Existe una vulnerabilidad en el servidor FOXMAN-UN/UNEM API Gateway que, si se explota, un atacante podría usar para permitir que se ejecuten comandos o códigos no deseados en el servidor UNEM, lo que permitiría leer o modificar datos confidenciales o podría causar otro comportamiento no deseado.

11 Jun 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-11 14:15

Updated : 2024-08-15 21:19


NVD link : CVE-2024-2012

Mitre link : CVE-2024-2012

CVE.ORG link : CVE-2024-2012


JSON object : View

Products Affected

hitachienergy

  • foxman-un
  • unem
CWE
NVD-CWE-noinfo CWE-288

Authentication Bypass Using an Alternate Path or Channel