Home/Product/hitachienergy foxman un
Product

hitachienergy foxman un

13 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-28024
all versions
A vulnerability exists in the FOXMAN-UN/UNEM in which sensitive information is stored in cleartext within a resource that might b
4.1MEDIUM
 CVE-2024-28022
all versions
A vulnerability exists in the UNEM server / APIGateway that if exploited allows a malicious user to perform an arbitrary number of
6.5MEDIUM
 CVE-2024-28020
all versions
A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM application and server management. If exploited a malicious high-
8.0HIGH
 CVE-2024-2013
all versions
An authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway component that if exploited allows attack
10.0CRITICAL
 CVE-2024-2012
all versions
vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway that if exploited an attacker could use to allow unintended comman
9.1CRITICAL
 CVE-2024-2011
all versions
A heap-based buffer overflow vulnerability exists in the FOXMAN-UN/UNEM that if exploited will generally lead to a denial of servi
8.6HIGH
 CVE-2024-28021
all versions
A vulnerability exists in the FOXMAN-UN/UNEM server that affects the message queueing mechanism’s certificate validation. If ex
7.4HIGH
 CVE-2023-1711
all versions
A vulnerability exists in a FOXMAN-UN and UNEM logging component, it only affects systems that use remote authentication to the ne
4.0MEDIUM
 CVE-2022-3929
< r16a
Communication between the client and the server application of the affected products is partially done using CORBA (Common Object
8.3HIGH
 CVE-2022-3928
< r16a
Hardcoded credential is found in affected products' message queue. An attacker that manages to exploit this vulnerability will be
7.1HIGH
 CVE-2022-3927
< r16a
The affected products store both public and private key that are used to sign and protect Custom Parameter Set (CPS) file from mod
8.0HIGH
 CVE-2021-40342
all versions
In the DES implementation, the affected product versions use a default key for encryption. Successful exploitation allows an attac
7.1HIGH
 CVE-2021-40341
all versions
DES cipher, which has inadequate encryption strength, is used Hitachi Energy FOXMAN-UN to encrypt user credentials used to access
7.1HIGH
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Coverage report
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh