Products
SDM600
Source
cybersecurity@hitachienergy.com
Tags
CVE-2024-2377 details
Published : April 30, 2024, 1:15 p.m.
Last Modified : April 30, 2024, 5:52 p.m.
Last Modified : April 30, 2024, 5:52 p.m.
Description
A vulnerability exists in the too permissive HTTP response header web server settings of the SDM600. An attacker can take advantage of this and possibly carry out privileged actions and access sensitive information.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7.6 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
CVSS Data
Attack Vector
ADJACENT_NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
7.6
Exploitability Score
Impact Score
Base Severity
HIGH
Vector String : CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
References
URL | Source |
---|---|
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000191&languageCode=en&Preview=true | cybersecurity@hitachienergy.com |
This website uses the NVD API, but is not approved or certified by it.