← Back

CVE-2024-9929

nvd nist
Published: Nov 26, 2024Modified: Nov 26, 2024

JSON object

Loading...
4.3
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Exploitability: 2.8 / Impact: 1.4
Source: cybersecurity@hitachienergy.com (Secondary)

Description

A vulnerability exists in NSD570 that allows any authenticated user to access all device logs disclosing login information with timestamps.

Related CWEs

CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.

References (1)

Source: cybersecurity@hitachienergy.com

Timeline

No history available yet.