OWASP Related Vulnerabilities in Hitachi Energy’s LinkOne Product
CVE-2021-40338

3.7LOW

Key Information:

Vendor: Hitachi
Status: Linkone
Vendor: CVE Published:; 28 January 2022

Summary

Hitachi Energy LinkOne product, has a vulnerability due to a web server misconfiguration, that enables debug mode and reveals the full path of the filesystem directory when an attacker generates errors during a query operation. This issue affects: Hitachi Energy LinkOne 3.20; 3.22; 3.23; 3.24; 3.25; 3.26.

References

https://search.abb.com/library/Download.aspx?DocumentID=8...

x_refsource_CONFIRM

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 28, 2022
Vulnerability Reserved
Aug 31, 2021

Credit

Hitachi Energy thanks the following for working with us to help protect our customers: Compañía Minera Doña Inés de Collahuasi SCM.