Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
A vulnerability exists in the Workplace X WebUI in which an authenticated user is able to execute any MicroSCADA internal scripts irrespective of the authenticated user's role.
Vulnerability Description
Improper Authorization vulnerability exists in the Workplace X WebUI of the Hitachi Energy MicroSCADA X SYS600 allows an authenticated user to execute any MicroSCADA internal scripts irrespective of the authenticated user's role. This issue affects: Hitachi Energy MicroSCADA X SYS600 version 10 to version 10.3.1. cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.1:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.1.1:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
授权机制不恰当
Vulnerability Title
Hitachi Energy MicroSCADA X SYS600 安全漏洞
Vulnerability Description
Hitachi Energy MicroSCADA X SYS600是日本Hitachi公司的一款 SCADA 产品。通过不同设备和系统之间的无缝集成和连接,确保您的开关站的优化控制和可靠运行。 Hitachi Energy MicroSCADA X SYS600 Workplace X WebUI 10至 10.3.1版本存在安全漏洞,该漏洞源于不当授权,经过身份验证的用户能够执行任何MicroSCADA内部脚本,而与经过身份验证的用户的角色无关。
CVSS Information
N/A
Vulnerability Type
N/A