Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-35529

Insufficiently Protected Credentials vulnerability in client environment of Hitachi ABB Power Grids Retail Operations and Counterparty Settlement Billing (CSB) allows an attacker or unauthorized user to access database credentials, shut down the product and access or alter. This issue affects: Hitachi ABB Power Grids Retail Operations version 5.7.2 and prior versions. Hitachi ABB Power Grids Counterparty Settlement Billing (CSB) version 5.7.2 and prior versions.

Published

2021-08-20T18:15:07.900

Last Modified

2024-11-21T06:12:27.130

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.7 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: SINGLE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

8.0

Impact Score

6.4

Weaknesses
  • Type: Secondary
    CWE-522
  • Type: Primary
    CWE-522
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application hitachienergy counterparty_settlement_and_billing < 5.7.3 Yes
Application hitachienergy retail_operations < 5.7.3 Yes
References