CVE-2022-3929
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.4 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
59.7%
Communication between the client and the server application of the affected products is partially done using CORBA (Common Object Request Broker Architecture) over TCP/IP. This protocol is not encrypted and allows tracing of internal messages.
This issue affects
- FOXMAN-UN product: FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B, FOXMAN-UN R11A, FOXMAN-UN R10C, FOXMAN-UN R9C;
- UNEM product: UNEM R15B, UNEM R15A, UNEM R14B, UNEM R14A, UNEM R11B, UNEM R11A, UNEM R10C, UNEM R9C.
List of CPEs:
-
cpe:2.3:a:hitachienergy:foxman-un:R15B:::::::*
-
cpe:2.3:a:hitachienergy:foxman-un:R15A:::::::*
-
cpe:2.3:a:hitachienergy:foxman-un:R14B:::::::*
-
cpe:2.3:a:hitachienergy:foxman-un:R14A:::::::*
-
cpe:2.3:a:hitachienergy:foxman-un:R11B:::::::*
-
cpe:2.3:a:hitachienergy:foxman-un:R11A:::::::*
-
cpe:2.3:a:hitachienergy:foxman-un:R10C:::::::*
-
cpe:2.3:a:hitachienergy:foxman-un:R9C:::::::*
-
cpe:2.3:a:hitachienergy:unem:R15B:::::::*
-
cpe:2.3:a:hitachienergy:unem:R15A:::::::*
-
cpe:2.3:a:hitachienergy:unem:R14B:::::::*
-
cpe:2.3:a:hitachienergy:unem:R14A:::::::*
-
cpe:2.3:a:hitachienergy:unem:R11B:::::::*
-
cpe:2.3:a:hitachienergy:unem:R11A:::::::*
-
cpe:2.3:a:hitachienergy:unem:R10C:::::::*
-
cpe:2.3:a:hitachienergy:unem:R9C:::::::*
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| hitachienergy:foxman-un | hitachienergy foxman-un | lt | r16a |
| hitachienergy:unem | hitachienergy unem | lt | r16a |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "FOXMAN-UN",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "unaffected",
"version": "FOXMAN-UN R16A"
},
{
"status": "affected",
"version": "FOXMAN-UN R15B"
},
{
"status": "affected",
"version": "FOXMAN-UN R15A"
},
{
"status": "affected",
"version": "FOXMAN-UN R14B"
},
{
"status": "affected",
"version": "FOXMAN-UN R14A"
},
{
"status": "affected",
"version": "FOXMAN-UN R11B"
},
{
"status": "affected",
"version": "FOXMAN-UN R11A"
},
{
"status": "affected",
"version": "FOXMAN-UN R10C"
},
{
"status": "affected",
"version": "FOXMAN-UN R9C"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UNEM",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "unaffected",
"version": "UNEM R16A"
},
{
"status": "affected",
"version": "UNEM R15B"
},
{
"status": "affected",
"version": "UNEM R15A"
},
{
"status": "affected",
"version": "UNEM R14B"
},
{
"status": "affected",
"version": "UNEM R14A"
},
{
"status": "affected",
"version": "UNEM R11B"
},
{
"status": "affected",
"version": "UNEM R11A"
},
{
"status": "affected",
"version": "UNEM R10C"
},
{
"status": "affected",
"version": "UNEM R9C"
}
]
}
]Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.4 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
59.7%