Vulnerability Description
Improper Access Control vulnerability in the application authentication and authorization of Hitachi Energy Retail Operations, Counterparty Settlement and Billing (CSB) allows an attacker to execute a modified signed Java Applet JAR file. A successful exploitation may lead to data extraction or modification of data inside the application. This issue affects: Hitachi Energy Retail Operations 5.7.3 and prior versions. Hitachi Energy Counterparty Settlement and Billing (CSB) 5.7.3 prior versions.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hitachienergy | Counterparty Settlements And Billing | <= 5.7.3 |
| Hitachienergy | Retail Operations | <= 5.7.3 |
Related Weaknesses (CWE)
References
- https://search.abb.com/library/Download.aspx?DocumentID=8DBD000067&LanguageCode=Vendor Advisory
- https://search.abb.com/library/Download.aspx?DocumentID=8DBD000068&LanguageCode=Vendor Advisory
- https://search.abb.com/library/Download.aspx?DocumentID=8DBD000067&LanguageCode=Vendor Advisory
- https://search.abb.com/library/Download.aspx?DocumentID=8DBD000068&LanguageCode=Vendor Advisory
FAQ
What is CVE-2021-35528?
CVE-2021-35528 is a vulnerability with a CVSS score of 7.2 (HIGH). Improper Access Control vulnerability in the application authentication and authorization of Hitachi Energy Retail Operations, Counterparty Settlement and Billing (CSB) allows an attacker to execute a...
How severe is CVE-2021-35528?
CVE-2021-35528 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-35528?
Check the references section above for vendor advisories and patch information. Affected products include: Hitachienergy Counterparty Settlements And Billing, Hitachienergy Retail Operations.