CVE-2024-28022

A vulnerability exists in the UNEM server / APIGateway that if exploited allows a malicious user to perform an arbitrary number of
authentication attempts using different passwords, and eventually
gain access to other components in the same security realm using
the targeted account.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
Hitachi EnergyCNA
6.5 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
CISA-ADPADP
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 29%
Common Weakness Enumeration
References
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194&languageCode=en&Preview=true
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194&languageCode=en&Preview=true
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true