Information Exposure vulnerability in Hitachi ABB Power Grids eSOMS allows unauthorized user to gain access to report data if the URL used to access the report is discovered. This issue affects: Hitachi ABB Power Grids eSOMS 6.0 versions prior to 6.0.4.2.2; 6.1 versions prior to 6.1.4; 6.3 versions prior to 6.3.
Una vulnerabilidad de Exposición de Información en Hitachi ABB Power Grids eSOMS, permite a un usuario no autorizado acceder a los datos de los reportes si se detecta la URL utilizada para acceder al reporte. Este problema afecta a: Hitachi ABB Power Grids eSOMS versiones 6.0 anteriores a 6.0.4.2.2; versiones 6.1 anteriores a 6.1.4; versiones 6.3 anteriores a 6.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
| Attack Vector | NETWORK |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | NONE |
| Availability Impact | NONE |
AV:N/AC:L/Au:N/C:P/I:N/A:N
| Access Vector | NETWORK |
|---|---|
| Access Complexity | LOW |
| Authentication | NONE |
| Confidentiality Impact | PARTIAL |
| Integrity Impact | NONE |
| Availability Impact | NONE |
| Source | Type | Description |
|---|---|---|
| [email protected] | Primary |
en
CWE-863
|
| Vendor | Product | Version | Update | Type |
|---|---|---|---|---|
| hitachienergy | esoms | * | <built-in method update of dict object at 0x72a99a7f2d00> | Application |
| hitachienergy | esoms | * | <built-in method update of dict object at 0x72a9b0b139c0> | Application |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:a:hitachienergy:esoms:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:hitachienergy:esoms:*:*:*:*:*:*:*:* |