CVE-2021-40341

Summary

CVE	CVE-2021-40341
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2023-01-05 22:15:00 UTC
Updated	2023-11-07 03:38:00 UTC
Description	DES cipher, which has inadequate encryption strength, is used Hitachi Energy FOXMAN-UN to encrypt user credentials used to access the Network Elements. Successful exploitation allows sensitive information to be decrypted easily. This issue affects * FOXMAN-UN product: FOXMAN-UN R16A, FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B, FOXMAN-UN R11A, FOXMAN-UN R10C, FOXMAN-UN R9C; * UNEM product: UNEM R16A, UNEM R15B, UNEM R15A, UNEM R14B, UNEM R14A, UNEM R11B, UNEM R11A, UNEM R10C, UNEM R9C. List of CPEs: * cpe:2.3:a:hitachienergy:foxman-un:R16A:::::::* * cpe:2.3:a:hitachienergy:foxman-un:R15B:::::::* * cpe:2.3:a:hitachienergy:foxman-un:R15A:::::::* * cpe:2.3:a:hitachienergy:foxman-un:R14B:::::::* * cpe:2.3:a:hitachienergy:foxman-un:R14A:::::::* * cpe:2.3:a:hitachienergy:foxman-un:R11B:::::::* * cpe:2.3:a:hitachienergy:foxman-un:R11A:::::::* * cpe:2.3:a:hitachienergy:foxman-un:R10C:::::::* * cpe:2.3:a:hitachienergy:foxman-un:R9C:::::::* * cpe:2.3:a:hitachienergy:unem:R16A:::::::* * cpe:2.3:a:hitachienergy:unem:R15B:::::::* * cpe:2.3:a:hitachienergy:unem:R15A:::::::* * cpe:2.3:a:hitachienergy:unem:R14B:::::::* * cpe:2.3:a:hitachienergy:unem:R14A:::::::* * cpe:2.3:a:hitachienergy:unem:R11B:::::::* * cpe:2.3:a:hitachienergy:unem:R11A:::::::* * cpe:2.3:a:hitachienergy:unem:R10C:::::::* * cpe:2.3:a:hitachienergy:unem:R9C:::::::*

Risk And Classification

Problem Types: CWE-326

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Hitachi	Foxman-un	r10c	All	All	All
Application	Hitachi	Foxman-un	r11a	All	All	All
Application	Hitachi	Foxman-un	r11b	All	All	All
Application	Hitachi	Foxman-un	r14a	All	All	All
Application	Hitachi	Foxman-un	r14b	All	All	All
Application	Hitachi	Foxman-un	r15a	All	All	All
Application	Hitachi	Foxman-un	r15b	All	All	All
Application	Hitachi	Foxman-un	r16a	All	All	All
Application	Hitachi	Foxman-un	r9c	All	All	All
Application	Hitachi	Unem	r10c	All	All	All
Application	Hitachi	Unem	r11a	All	All	All
Application	Hitachi	Unem	r11b	All	All	All
Application	Hitachi	Unem	r14a	All	All	All
Application	Hitachi	Unem	r14b	All	All	All
Application	Hitachi	Unem	r15a	All	All	All
Application	Hitachi	Unem	r15b	All	All	All
Application	Hitachi	Unem	r16a	All	All	All
Application	Hitachi	Unem	r9c	All	All	All
Application	Hitachienergy	Foxman-un	r10c	All	All	All
Application	Hitachienergy	Foxman-un	r11a	All	All	All
Application	Hitachienergy	Foxman-un	r11b	All	All	All
Application	Hitachienergy	Foxman-un	r14a	All	All	All
Application	Hitachienergy	Foxman-un	r14b	All	All	All
Application	Hitachienergy	Foxman-un	r15a	All	All	All
Application	Hitachienergy	Foxman-un	r15b	All	All	All
Application	Hitachienergy	Foxman-un	r16a	All	All	All
Application	Hitachienergy	Foxman-un	r9c	All	All	All
Application	Hitachienergy	Unem	r10c	All	All	All
Application	Hitachienergy	Unem	r11a	All	All	All
Application	Hitachienergy	Unem	r11b	All	All	All
Application	Hitachienergy	Unem	r14a	All	All	All
Application	Hitachienergy	Unem	r14b	All	All	All
Application	Hitachienergy	Unem	r15a	All	All	All
Application	Hitachienergy	Unem	r15b	All	All	All
Application	Hitachienergy	Unem	r16a	All	All	All
Application	Hitachienergy	Unem	r9c	All	All	All

References

Reference	Source	Link	Tags
search.abb.com/library/Download.aspx	MISC	search.abb.com
search.abb.com/library/Download.aspx	MISC	search.abb.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.