Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Insufficient Security Control Vulnerability
Vulnerability Description
Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product does not sufficiently restrict access to an internal database tables, could allow anybody with user credentials to bypass security controls that is enforced by the product. Consequently, exploitation may lead to unauthorized modifications on data/firmware, and/or to permanently disabling the product. This issue affects: Hitachi Energy Relion 670 Series 2.0 all revisions; 2.2.2 all revisions; 2.2.3 versions prior to 2.2.3.5. Hitachi Energy Relion 670/650 Series 2.1 all revisions. 2.2.0 all revisions; 2.2.4 all revisions; Hitachi Energy Relion 670/650/SAM600-IO 2.2.1 all revisions; 2.2.5 versions prior to 2.2.5.2. Hitachi Energy Relion 650 1.0 all revisions. 1.1 all revisions; 1.2 all revisions; 1.3 versions prior to 1.3.0.8; Hitachi Energy GMS600 1.3.0; 1.3.0.1; 1.2.0. Hitachi Energy PWC600 1.0.1 version 1.0.1.4 and prior versions; 1.1.0 version 1.1.0.1 and prior versions.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
不充分特权处理不恰当
Vulnerability Title
Hitachi Energy Relion 访问控制错误漏洞
Vulnerability Description
Hitachi Energy Relion是瑞士日立能源(Hitachi Energy)公司的用于保护,控制,测量和监视为电力系统。 Hitachi Energy Relion 670/650/SAM600-IO、Relion 650、GMS600、PWC600的内部数据库访问机制中存在安全漏洞,该漏洞源于产品没有充分限制对内部数据库表的访问,可以允许任何拥有用户凭据的人绕过产品强制执行的安全控制。此问题影响:Hitachi Energy Relion 670 Series 2.0 所有版本;2.2.2
CVSS Information
N/A
Vulnerability Type
N/A