PT-2023-12361 · Hitachi Energy · Hitachi Energy Unem+1
Published
2023-01-05
·
Updated
2023-02-06
·
CVE-2021-40341
CVSS v3.1
7.1
High
| Vector | AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Hitachi Energy FOXMAN-UN versions R9C through R16A
Hitachi Energy UNEM versions R9C through R16A
Description
The DES cipher, which has inadequate encryption strength, is used in Hitachi Energy FOXMAN-UN to encrypt user credentials used to access the Network Elements. Successful exploitation allows sensitive information to be decrypted easily.
Recommendations
For Hitachi Energy FOXMAN-UN versions R9C through R16A, consider disabling the DES cipher encryption until a patch is available.
For Hitachi Energy UNEM versions R9C through R16A, consider disabling the DES cipher encryption until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Inadequate Encryption Strength
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hitachi Energy Foxman-Un
Hitachi Energy Unem