CVE-2023-5515Sensitive Information Exposure in Energy Esoms

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.3MEDIUMNVD
EPSS
0.3%
top 50.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Hitachi Energy EsomsHitachienergy Esoms
Timeline
PublishedNov 1

Description

The responses for web queries with certain parameters disclose internal path of resources. This information can be used to learn internal structure of the application and to further plot attacks against web servers and deployed web applications.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

CVEListV5hitachi_energy/esoms6.06.3.13

🔴Vulnerability Details

2
GHSA
GHSA-j628-xcfp-7w2p: The responses for web queries with certain parameters disclose internal path of resources2023-11-01
CVEList
CVE-2023-5515: The responses for web queries with certain parameters disclose internal path of resources2023-11-01
CVE-2023-5515 — Sensitive Information Exposure | cvebase