CVE-2021-40342

Published Jan 5, 2023

Last updated a year ago

CVSS critical 9.8

Overview

Description: In the DES implementation, the affected product versions use a default key for encryption. Successful exploitation allows an attacker to obtain sensitive information and gain access to the network elements that are managed by the affected products versions. This issue affects * FOXMAN-UN product: FOXMAN-UN R16A, FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B, FOXMAN-UN R11A, FOXMAN-UN R10C, FOXMAN-UN R9C; * UNEM product: UNEM R16A, UNEM R15B, UNEM R15A, UNEM R14B, UNEM R14A, UNEM R11B, UNEM R11A, UNEM R10C, UNEM R9C. List of CPEs: * cpe:2.3:a:hitachienergy:foxman-un:R16A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R15B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R15A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R14B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R14A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R11B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R11A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R10C:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R9C:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R16A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R15B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R15A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R14B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R14A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R11B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R11A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R10C:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R9C:*:*:*:*:*:*:*
Source: cybersecurity@hitachienergy.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

nvd@nist.gov: CWE-287
cybersecurity@hitachienergy.com: CWE-798

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:hitachienergy:foxman-un:r9c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CF6EBF5E-662C-4B47-A683-05EBA284A1EA"
          },
          {
            "criteria": "cpe:2.3:a:hitachienergy:foxman-un:r10c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "900AF3F4-5C0B-48B9-91ED-5AABC42C0387"
          },
          {
            "criteria": "cpe:2.3:a:hitachienergy:foxman-un:r11a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9CD89F83-BB89-45D4-BD95-7E9622C60948"
          },
          {
            "criteria": "cpe:2.3:a:hitachienergy:foxman-un:r11b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33C7B43C-BC45-4151-BB30-9FBE9E737BE0"
          },
          {
            "criteria": "cpe:2.3:a:hitachienergy:foxman-un:r14a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1338D86-A03D-4604-A6E5-31244F18D919"
          },
          {
            "criteria": "cpe:2.3:a:hitachienergy:foxman-un:r14b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B93B58ED-E004-4B52-A691-C771B34DD9C8"
          },
          {
            "criteria": "cpe:2.3:a:hitachienergy:foxman-un:r15a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7593C74-2882-45D3-AB32-3A45E3AECAAE"
          },
          {
            "criteria": "cpe:2.3:a:hitachienergy:foxman-un:r15b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "47606044-296D-4561-B9DC-82659BC666F2"
          },
          {
            "criteria": "cpe:2.3:a:hitachienergy:foxman-un:r16a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7EE987B2-0620-44BB-AEA7-4E20CBE44822"
          },
          {
            "criteria": "cpe:2.3:a:hitachienergy:unem:r9c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8FB66BE3-1031-4315-AF85-309BE3C35D7D"
          },
          {
            "criteria": "cpe:2.3:a:hitachienergy:unem:r10c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6DF9081-1544-4A69-9D9E-80759289056B"
          },
          {
            "criteria": "cpe:2.3:a:hitachienergy:unem:r11a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C50E14E9-D2BF-4B6C-BF87-C9E4233D3AD0"
          },
          {
            "criteria": "cpe:2.3:a:hitachienergy:unem:r11b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "996564C6-8B44-4E89-A353-79B711A3DBBA"
          },
          {
            "criteria": "cpe:2.3:a:hitachienergy:unem:r14a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AB8CF64-17F7-488D-9763-A1487ECA405D"
          },
          {
            "criteria": "cpe:2.3:a:hitachienergy:unem:r14b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E96D583-2EBB-4AB2-A473-A0930E3B8D02"
          },
          {
            "criteria": "cpe:2.3:a:hitachienergy:unem:r15a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E78C9E5B-5876-4F15-A98A-359193287446"
          },
          {
            "criteria": "cpe:2.3:a:hitachienergy:unem:r15b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3168F38-7B9E-4F4D-B6D0-1BAFB5FE05F5"
          },
          {
            "criteria": "cpe:2.3:a:hitachienergy:unem:r16a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7ABB4A53-07A0-4F9A-824B-A1AC71CCB44E"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References