Overview
- Description
- Insufficiently Protected Credentials vulnerability in client environment of Hitachi ABB Power Grids Retail Operations and Counterparty Settlement Billing (CSB) allows an attacker or unauthorized user to access database credentials, shut down the product and access or alter. This issue affects: Hitachi ABB Power Grids Retail Operations version 5.7.2 and prior versions. Hitachi ABB Power Grids Counterparty Settlement Billing (CSB) version 5.7.2 and prior versions.
- Source
- cybersecurity@hitachienergy.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.2
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachienergy:counterparty_settlement_and_billing:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40412B88-CA4D-4D4C-8C09-2A341FFDDBE3",
"versionEndExcluding": "5.7.3"
},
{
"criteria": "cpe:2.3:a:hitachienergy:retail_operations:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "71570D1E-D89C-46B0-B486-5F9D890881F4",
"versionEndExcluding": "5.7.3"
}
],
"operator": "OR"
}
]
}
]