Weak DES encryption
CVE-2021-40341

7.1HIGH

Key Information:

Vendor: Hitachi
Status: Foxman-un; Unem
Vendor: CVE Published:; 5 January 2023

Summary

The FOXMAN-UN and UNEM products by Hitachi Energy utilize the DES cipher for encrypting user credentials, presenting a significant risk due to its inadequate encryption strength. This deficiency enables potential attackers to decrypt sensitive information easily, putting user credentials at risk. Affected versions include multiple iterations of the FOXMAN-UN and UNEM, making it crucial for users to assess their security measures to safeguard sensitive information.

Affected Version(s)

FOXMAN-UN FOXMAN-UN R16A

FOXMAN-UN FOXMAN-UN R15B

FOXMAN-UN FOXMAN-UN R15A

References

https://search.abb.com/library/Download.aspx?DocumentID=8...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Jan 5, 2023
Vulnerability Reserved
Aug 31, 2021

Collectors

NVD DatabaseMitre Database

Credit

K-Businessom AG, Austria