CVE-2021-40339

Configuration vulnerability in Hitachi Energy LinkOne application due to the lack of HTTP Headers, allows an attacker that manages to exploit this vulnerability to retrieve sensitive information. This issue affects: Hitachi Energy LinkOne 3.20; 3.22; 3.23; 3.24; 3.25; 3.26.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.7 LOW
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
hitachilinkone
3.20
hitachilinkone
3.22
hitachilinkone
3.23
hitachilinkone
3.24
hitachilinkone
3.25
hitachilinkone
3.26
𝑥
= Vulnerable software versions
References
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000079&LanguageCode=en&DocumentPartId=&Action=Launch
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000079&LanguageCode=en&DocumentPartId=&Action=Launch