CVE-2023-5769 MEDIUM

Published: 2023-12-14 | Last Modified: 2026-02-27 | Status: Analyzed

Description

A vulnerability exists in the webserver that affects the RTU500 series product versions listed below. A malicious actor could perform cross-site scripting on the webserver due to user input being improperly sanitized.

Additional Descriptions (1)

Existe una vulnerabilidad en el servidor web que afecta a las versiones de productos de RTU500 series que se enumeran a continuación. Un actor malintencionado podría realizar Cross-Site Scripting en el servidor web debido a que la entrada del usuario se sanitizo incorrectamente.

CVSS Metrics

Base Score: 6.1 (MEDIUM)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Attack Vector	NETWORK
Attack Complexity	LOW
Privileges Required	NONE
User Interaction	REQUIRED
Scope	CHANGED
Confidentiality Impact	LOW
Integrity Impact	LOW
Availability Impact	NONE

Source: [email protected]

Type: Primary

Exploitability Score: 2.8

Impact Score: 2.7

Weaknesses

Source	Type	Description
[email protected]	Primary	en CWE-79

Affected Products

Vendor	Product	Version	Update	Type
hitachienergy	rtu520_firmware	*	<built-in method update of dict object at 0x72a9cc7edcc0>	Operating System
hitachienergy	rtu520_firmware	*	<built-in method update of dict object at 0x72a9b0a77b00>	Operating System
hitachienergy	rtu520_firmware	*	<built-in method update of dict object at 0x72a9cc7ee240>	Operating System
hitachienergy	rtu520_firmware	*	<built-in method update of dict object at 0x72a9b0d8c980>	Operating System
hitachienergy	rtu520_firmware	*	<built-in method update of dict object at 0x72a9cc7eee40>	Operating System
hitachienergy	rtu520_firmware	*	<built-in method update of dict object at 0x72a9cc7ed0c0>	Operating System
hitachienergy	rtu520_firmware	*	<built-in method update of dict object at 0x72a9cd0bc0c0>	Operating System
hitachienergy	rtu530_firmware	*	<built-in method update of dict object at 0x72a9b0d8d0c0>	Operating System
hitachienergy	rtu530_firmware	*	<built-in method update of dict object at 0x72a9cd0be7c0>	Operating System
hitachienergy	rtu530_firmware	*	<built-in method update of dict object at 0x72a9cc7ee6c0>	Operating System
hitachienergy	rtu530_firmware	*	<built-in method update of dict object at 0x72a9b0d8e9c0>	Operating System
hitachienergy	rtu530_firmware	*	<built-in method update of dict object at 0x72a9cc7ec180>	Operating System
hitachienergy	rtu530_firmware	*	<built-in method update of dict object at 0x72a9cc7eda00>	Operating System
hitachienergy	rtu530_firmware	*	<built-in method update of dict object at 0x72a9cc7edc40>	Operating System
hitachienergy	rtu540_firmware	*	<built-in method update of dict object at 0x72a9b0a76040>	Operating System
hitachienergy	rtu540_firmware	*	<built-in method update of dict object at 0x72a9b0a76500>	Operating System
hitachienergy	rtu540_firmware	*	<built-in method update of dict object at 0x72a9cc7ec3c0>	Operating System
hitachienergy	rtu540_firmware	*	<built-in method update of dict object at 0x72a9b0d8d380>	Operating System
hitachienergy	rtu540_firmware	*	<built-in method update of dict object at 0x72a9b0d8e600>	Operating System
hitachienergy	rtu540_firmware	*	<built-in method update of dict object at 0x72a9b0d8fdc0>	Operating System
hitachienergy	rtu540_firmware	*	<built-in method update of dict object at 0x72a9cc747740>	Operating System
hitachienergy	rtu560_firmware	*	<built-in method update of dict object at 0x72a9cc7ee200>	Operating System
hitachienergy	rtu560_firmware	*	<built-in method update of dict object at 0x72a9b0a75c40>	Operating System
hitachienergy	rtu560_firmware	*	<built-in method update of dict object at 0x72a9cc7ec780>	Operating System
hitachienergy	rtu560_firmware	*	<built-in method update of dict object at 0x72a9cc744c40>	Operating System
hitachienergy	rtu560_firmware	*	<built-in method update of dict object at 0x72a9b0a75600>	Operating System
hitachienergy	rtu560_firmware	*	<built-in method update of dict object at 0x72a9b0d8cb00>	Operating System
hitachienergy	rtu560_firmware	*	<built-in method update of dict object at 0x72a9b0a76f00>	Operating System

Affected Configurations

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:hitachienergy:rtu520_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu520_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu520_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu520_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu520_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu520_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu520_firmware::::::::`

Operator: OR

Vulnerable	CPE
No	`cpe:2.3:h:hitachienergy:rtu520:-:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:hitachienergy:rtu530_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu530_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu530_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu530_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu530_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu530_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu530_firmware::::::::`

Operator: OR

Vulnerable	CPE
No	`cpe:2.3:h:hitachienergy:rtu530:-:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:hitachienergy:rtu540_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu540_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu540_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu540_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu540_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu540_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu540_firmware::::::::`

Operator: OR

Vulnerable	CPE
No	`cpe:2.3:h:hitachienergy:rtu540:-:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:hitachienergy:rtu560_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu560_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu560_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu560_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu560_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu560_firmware::::::::`
Yes	`cpe:2.3:o:hitachienergy:rtu560_firmware::::::::`

Operator: OR

Vulnerable	CPE
No	`cpe:2.3:h:hitachienergy:rtu560:-:::::::*`

References

https://publisher.hitachienergy.com/preview?DocumentId=8DBD000176&languageCode=en&Preview=true
Source: [email protected]

Vendor Advisory
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000176&languageCode=en&Preview=true
Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory