The MicroSCADA Pro/X SYS600 product allows an authenticated user input to control or influence paths or file names
that are used in filesystem operations. If exploited the vulnerability allows the attacker to access or modify system files or
other files that are critical to the application.
References
Link | Resource |
---|---|
https://publisher.hitachienergy.com/preview?DocumentID=8DBD000160&LanguageCode=en&DocumentPartId=&Action=Launch | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
30 Oct 2024, 15:33
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:fixpack_2_hf5:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:fixpack_1:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:fixpack_2_hf4:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:fixpack_2_hf3:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:fixpack_2_hf2:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:fixpack_2_hf1:*:*:*:*:*:* |
|
First Time |
Hitachienergy microscada Pro Sys600
|
|
CWE |
29 Oct 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) The MicroSCADA Pro/X SYS600 product allows an authenticated user input to control or influence paths or file names that are used in filesystem operations. If exploited the vulnerability allows the attacker to access or modify system files or other files that are critical to the application. |
30 Aug 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-22 |
28 Aug 2024, 16:32
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
First Time |
Hitachienergy
Hitachienergy microscada X Sys600 |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CPE | cpe:2.3:a:hitachienergy:microscada_x_sys600:*:*:*:*:*:*:*:* | |
References | () https://publisher.hitachienergy.com/preview?DocumentID=8DBD000160&LanguageCode=en&DocumentPartId=&Action=Launch - Vendor Advisory |
27 Aug 2024, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-27 13:15
Updated : 2024-10-30 15:33
NVD link : CVE-2024-3980
Mitre link : CVE-2024-3980
CVE.ORG link : CVE-2024-3980
JSON object : View
Products Affected
hitachienergy
- microscada_x_sys600
- microscada_pro_sys600
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')