CVE-2023-5767

6.1MEDIUM

Key Information

Vendor: Hitachi
Status: RTU500
Vendor: CVE Published:; 4 December 2023

Summary

A vulnerability exists in the webserver that affects the RTU500 series product versions listed below. A malicious actor could perform cross-site scripting on the webserver due to an RDT language file being improperly sanitized.

Affected Version(s)

RTU500 = RTU500 series CMU Firmware version 12.0.1 – 12.0.14

RTU500 = RTU500 series CMU Firmware version 12.2.1 – 12.2.11

RTU500 = RTU500 series CMU Firmware version 12.4.1 – 12.4.11

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published.
Dec 4, 2023
Vulnerability Reserved.
Oct 25, 2023

Collectors

NVD DatabaseMitre Database