Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Asset Suite 9

Source -

CNA

CNA CVEs -

1

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found
CVE-2023-4816
Assigner-Hitachi Energy
ShareView Details
Assigner-Hitachi Energy
CVSS Score-6.9||MEDIUM
EPSS-0.01% / 1.00%
||
7 Day CHG~0.00%
Published-11 Sep, 2023 | 07:40
Updated-25 Sep, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability exists in the Equipment Tag Out authentication, when configured with Single Sign-On (SSO) with password validation in T214. This vulnerability can be exploited by an authenticated user per-forming an Equipment Tag Out holder action (Accept, Release, and Clear) for another user and entering an arbitrary password in the holder action confirmation dialog box. Despite entering an arbitrary password in the confirmation box, the system will execute the selected holder action.

Action-Not Available
Vendor-Hitachi Energy Ltd.
Product-asset_suiteAsset Suite 9
CWE ID-CWE-287
Improper Authentication