Overview
- Description
- Missing Handler vulnerability in the proprietary management protocol (port TCP 5558) of Hitachi Energy FOX61x, XCM20 allows an attacker that exploits the vulnerability by activating SSH on port TCP 5558 to cause disruption to the NMS and NE communication. This issue affects: Hitachi Energy FOX61x versions prior to R15A. Hitachi Energy XCM20 versions prior to R15A.
- Source
- cybersecurity@hitachienergy.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
- cybersecurity@hitachienergy.com
- CWE-431
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:fox615:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0B82C2DB-DBDB-42F1-AB11-AE52A9F22D3E"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:fox615_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE81A477-A997-40A8-967C-37214CDF355A",
"versionEndExcluding": "r15a"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:xcm20:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7DCEDF0E-CC13-4366-A88C-15651D68CDF6"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:xcm20_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C51C90A-1888-4C9E-9D7C-DACF71931A73",
"versionEndExcluding": "r15a"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]