CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
Percentile
17.0%
A vulnerability exists in the webserver that affects the
RTU500 series product versions listed below. A malicious
actor could perform cross-site scripting on the webserver
due to an RDT language file being improperly sanitized.
Vendor | Product | Version | CPE |
---|---|---|---|
hitachienergy | rtu520 | - | cpe:2.3:h:hitachienergy:rtu520:-:*:*:*:*:*:*:* |
hitachienergy | rtu520_firmware | * | cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:* |
hitachienergy | rtu530 | - | cpe:2.3:h:hitachienergy:rtu530:-:*:*:*:*:*:*:* |
hitachienergy | rtu530_firmware | * | cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:* |
hitachienergy | rtu540 | - | cpe:2.3:h:hitachienergy:rtu540:-:*:*:*:*:*:*:* |
hitachienergy | rtu540_firmware | * | cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:* |
hitachienergy | rtu560 | - | cpe:2.3:h:hitachienergy:rtu560:-:*:*:*:*:*:*:* |
hitachienergy | rtu560_firmware | * | cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:* |