Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveHitachi EnergyCVE-2021-40341
HistoryJan 05, 2023 - 10:15 p.m.

CVE-2021-40341

2023-01-0522:15:08
CWE-326
Hitachi Energy
web.nvd.nist.gov
36
hitachi
energy
foxman-un
des cipher
user credentials
encryption
vulnerability
cve-2021-40341
unem
nvd

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

AI Score

5.3

Confidence

High

EPSS

0

Percentile

13.0%

JSON

DES cipher, which has inadequate encryption strength, is used Hitachi Energy FOXMAN-UN to encrypt user credentials used to access the Network Elements. Successful exploitation allows sensitive information to be decrypted easily.Β This issue affects

  • FOXMAN-UN product: FOXMAN-UN R16A, FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B, FOXMAN-UN R11A, FOXMAN-UN R10C, FOXMAN-UN R9C;
  • UNEM product: UNEM R16A, UNEM R15B, UNEM R15A, UNEM R14B, UNEM R14A, UNEM R11B, UNEM R11A, UNEM R10C, UNEM R9C.

List of CPEs:

  • cpe:2.3:a:hitachienergy:foxman-un:R16A:::::::*
  • cpe:2.3:a:hitachienergy:foxman-un:R15B:::::::*
  • cpe:2.3:a:hitachienergy:foxman-un:R15A:::::::*
  • cpe:2.3:a:hitachienergy:foxman-un:R14B:::::::*
  • cpe:2.3:a:hitachienergy:foxman-un:R14A:::::::*
  • cpe:2.3:a:hitachienergy:foxman-un:R11B:::::::*
  • cpe:2.3:a:hitachienergy:foxman-un:R11A:::::::*
  • cpe:2.3:a:hitachienergy:foxman-un:R10C:::::::*
  • cpe:2.3:a:hitachienergy:foxman-un:R9C:::::::*
  • cpe:2.3:a:hitachienergy:unem:R16A:::::::*
  • cpe:2.3:a:hitachienergy:unem:R15B:::::::*
  • cpe:2.3:a:hitachienergy:unem:R15A:::::::*
  • cpe:2.3:a:hitachienergy:unem:R14B:::::::*
  • cpe:2.3:a:hitachienergy:unem:R14A:::::::*
  • cpe:2.3:a:hitachienergy:unem:R11B:::::::*
  • cpe:2.3:a:hitachienergy:unem:R11A:::::::*
  • cpe:2.3:a:hitachienergy:unem:R10C:::::::*
  • cpe:2.3:a:hitachienergy:unem:R9C:::::::*

Affected configurations

Nvd
Node
hitachienergyfoxman-unMatchr9c
OR
hitachienergyfoxman-unMatchr10c
OR
hitachienergyfoxman-unMatchr11a
OR
hitachienergyfoxman-unMatchr11b
OR
hitachienergyfoxman-unMatchr14a
OR
hitachienergyfoxman-unMatchr14b
OR
hitachienergyfoxman-unMatchr15a
OR
hitachienergyfoxman-unMatchr15b
OR
hitachienergyfoxman-unMatchr16a
OR
hitachienergyunemMatchr9c
OR
hitachienergyunemMatchr10c
OR
hitachienergyunemMatchr11a
OR
hitachienergyunemMatchr11b
OR
hitachienergyunemMatchr14a
OR
hitachienergyunemMatchr14b
OR
hitachienergyunemMatchr15a
OR
hitachienergyunemMatchr15b
OR
hitachienergyunemMatchr16a
VendorProductVersionCPE
hitachienergyfoxman-unr9ccpe:2.3:a:hitachienergy:foxman-un:r9c:*:*:*:*:*:*:*
hitachienergyfoxman-unr10ccpe:2.3:a:hitachienergy:foxman-un:r10c:*:*:*:*:*:*:*
hitachienergyfoxman-unr11acpe:2.3:a:hitachienergy:foxman-un:r11a:*:*:*:*:*:*:*
hitachienergyfoxman-unr11bcpe:2.3:a:hitachienergy:foxman-un:r11b:*:*:*:*:*:*:*
hitachienergyfoxman-unr14acpe:2.3:a:hitachienergy:foxman-un:r14a:*:*:*:*:*:*:*
hitachienergyfoxman-unr14bcpe:2.3:a:hitachienergy:foxman-un:r14b:*:*:*:*:*:*:*
hitachienergyfoxman-unr15acpe:2.3:a:hitachienergy:foxman-un:r15a:*:*:*:*:*:*:*
hitachienergyfoxman-unr15bcpe:2.3:a:hitachienergy:foxman-un:r15b:*:*:*:*:*:*:*
hitachienergyfoxman-unr16acpe:2.3:a:hitachienergy:foxman-un:r16a:*:*:*:*:*:*:*
hitachienergyunemr9ccpe:2.3:a:hitachienergy:unem:r9c:*:*:*:*:*:*:*
Rows per page:
1-10 of 181

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "FOXMAN-UN",
    "vendor": "Hitachi Energy",
    "versions": [
      {
        "status": "affected",
        "version": "FOXMAN-UN R16A"
      },
      {
        "status": "affected",
        "version": "FOXMAN-UN R15B"
      },
      {
        "status": "affected",
        "version": "FOXMAN-UN R15A"
      },
      {
        "status": "affected",
        "version": "FOXMAN-UN R14B"
      },
      {
        "status": "affected",
        "version": "FOXMAN-UN R14A"
      },
      {
        "status": "affected",
        "version": "FOXMAN-UN R11B"
      },
      {
        "status": "affected",
        "version": "FOXMAN-UN R11A"
      },
      {
        "status": "affected",
        "version": "FOXMAN-UN R10C"
      },
      {
        "status": "affected",
        "version": "FOXMAN-UN R9C"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "UNEM",
    "vendor": "Hitachi Energy",
    "versions": [
      {
        "status": "affected",
        "version": "UNEM R16A"
      },
      {
        "status": "affected",
        "version": "UNEM R15B"
      },
      {
        "status": "affected",
        "version": "UNEM R15A"
      },
      {
        "status": "affected",
        "version": "UNEM R14B"
      },
      {
        "status": "affected",
        "version": "UNEM R14A"
      },
      {
        "status": "affected",
        "version": "UNEM R11B"
      },
      {
        "status": "affected",
        "version": "UNEM R11A"
      },
      {
        "status": "affected",
        "version": "UNEM R10C"
      },
      {
        "status": "affected",
        "version": "UNEM R9C"
      }
    ]
  }
]

Related

prion 1
cvelist 1
nvd 1
ics 2
prion
prion
Code injection
2023-01-05 22:15:00
cvelist
cvelist
CVE-2021-40341 Weak DES encryption
2023-01-05 21:26:42
nvd
nvd
CVE-2021-40341
2023-01-05 22:15:08
ics
ics
Hitachi Energy FOXMAN-UN
2023-01-05 12:00:00
Hitachi Energy UNEM
2023-01-11 12:00:00

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

AI Score

5.3

Confidence

High

EPSS

0

Percentile

13.0%

JSON
Related for CVE-2021-40341
prion1cvelist1nvd1ics2