gsd - gsd-2024-2462

gsd-2024-2462

Vulnerability from gsd

Modified

2024-04-02 05:02

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2024-2462

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-2462"
      ],
      "id": "GSD-2024-2462",
      "modified": "2024-04-02T05:02:53.341249Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2024-2462",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

CVE-2024-2462 (GCVE-0-2024-2462)

Vulnerability from cvelistv5

Published

2024-06-11 12:48

Modified

2024-08-01 19:11

Severity ?

6.8 (Medium) - CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:L/SI:N/SA:H

CWE

CWE-297 - Improper Validation of Certificate with Host Mismatch

Summary

Allow attackers to intercept or falsify data exchanges between the client and the server

References

URL

Tags

https://publisher.hitachienergy.com/preview?DocumentId=8DBD000198&languageCode=en&Preview=true

Impacted products

Vendor

Product

Version

Version: 0   <
Patch: FOXMAN-UN R16B PC3
Version: 0   <
Patch: FOXMAN-UN R15B PC5
Version: FOXMAN-UN R16A   <
Version: FOXMAN-UN R15A   <

	Hitachi Energy	FOX61x	Version: 0 < FOX61x R16B Patch: FOX61x R16B
	Hitachi Energy	FOXCST	Version: 0 < FOXCST_16.2.1 Patch: FOXCST_16.2.1
	Hitachi Energy	UNEM	Version: 0 < Patch: UNEM R16B PC3 Version: 0 < Patch: UNEM R15B PC5 Version: UNEM R16A < Version: UNEM R15A <
	Hitachi Energy	XMC20	Version: R16B <
	Hitachi Energy	ECST	Version: ECST_16.2.1 <

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:hitachi_energy:foxman-un:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "foxman-un",
            "vendor": "hitachi_energy",
            "versions": [
              {
                "lessThanOrEqual": "FOXMAN-UN R16B PC2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "unaffected",
                "version": "FOXMAN-UN R16B PC3"
              },
              {
                "lessThanOrEqual": "FOXMAN-UN R15B PC4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "unaffected",
                "version": "FOXMAN-UN R15B PC5"
              },
              {
                "status": "affected",
                "version": "FOXMAN-UN R16A"
              },
              {
                "status": "affected",
                "version": "FOXMAN-UN R15A"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:hitachi_energy:fox61x:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "fox61x",
            "vendor": "hitachi_energy",
            "versions": [
              {
                "lessThan": "FOX61x R16B",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "unaffected",
                "version": "FOX61x R16B"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:hitachi_energy:foxcst:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "foxcst",
            "vendor": "hitachi_energy",
            "versions": [
              {
                "lessThan": "FOXCST_16.2.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "unaffected",
                "version": "FOXCST_16.2.1"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:hitachi_energy:unem:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "unem",
            "vendor": "hitachi_energy",
            "versions": [
              {
                "lessThanOrEqual": "UNEM R16B PC2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "unaffected",
                "version": "UNEM R16B PC3"
              },
              {
                "lessThanOrEqual": "UNEM R15B PC4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "unaffected",
                "version": "UNEM R15B PC5"
              },
              {
                "status": "affected",
                "version": "UNEM R16A"
              },
              {
                "status": "affected",
                "version": "UNEM R15A"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:hitachi_energy:xmc20:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "xmc20",
            "vendor": "hitachi_energy",
            "versions": [
              {
                "status": "affected",
                "version": "R16B"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:hitachi_energy:ecst:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "ecst",
            "vendor": "hitachi_energy",
            "versions": [
              {
                "status": "affected",
                "version": "ECST_16.2.1"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2462",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-12T18:31:01.584910Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-12T19:06:16.825Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T19:11:53.576Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000198\u0026languageCode=en\u0026Preview=true"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "FOXMAN-UN",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThanOrEqual": "FOXMAN-UN R16B PC2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "FOXMAN-UN R16B PC3",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "FOXMAN-UN R15B PC4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "FOXMAN-UN R15B PC5",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "FOXMAN-UN R16A",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "FOXMAN-UN R15A",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "FOX61x",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThan": "FOX61x R16B",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "FOX61x R16B",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "FOXCST",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThan": "FOXCST_16.2.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "FOXCST_16.2.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "UNEM",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThanOrEqual": "UNEM R16B PC2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "UNEM R16B PC3",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "UNEM R15B PC4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "UNEM R15B PC5",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "UNEM R16A",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "UNEM R15A",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "XMC20",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "R16B",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ECST",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "ECST_16.2.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Allow attackers to intercept or falsify data exchanges between the client \nand the server\n\n"
            }
          ],
          "value": "Allow attackers to intercept or falsify data exchanges between the client \nand the server"
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "PHYSICAL",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "NONE",
            "userInteraction": "ACTIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:L/SI:N/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-297",
              "description": "CWE-297 Improper Validation of Certificate with Host Mismatch",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-11T12:48:57.963Z",
        "orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
        "shortName": "Hitachi Energy"
      },
      "references": [
        {
          "url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000198\u0026languageCode=en\u0026Preview=true"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
    "assignerShortName": "Hitachi Energy",
    "cveId": "CVE-2024-2462",
    "datePublished": "2024-06-11T12:48:57.963Z",
    "dateReserved": "2024-03-14T17:09:59.755Z",
    "dateUpdated": "2024-08-01T19:11:53.576Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.