What is CVE-2021-40339 vulnerability?

CVE-2021-40339 is a configuration vulnerability in the Hitachi Energy LinkOne application that allows an attacker to retrieve sensitive information due to the lack of HTTP Headers.

Which versions of Hitachi Energy LinkOne are affected by CVE-2021-40339?

Hitachi Energy LinkOne versions 3.20, 3.22, 3.23, 3.24, 3.25, and 3.26 are affected.

What is the severity of CVE-2021-40339?

CVE-2021-40339 has a severity rating of 7.5 out of 10 (high severity).

How can an attacker exploit CVE-2021-40339?

An attacker can exploit CVE-2021-40339 by taking advantage of the lack of HTTP Headers in the Hitachi Energy LinkOne application to retrieve sensitive information.

Is there a fix available for CVE-2021-40339?

At the moment, there is no specific fix available for CVE-2021-40339. It is recommended to follow the guidance provided by the vendor and implement any security updates or patches as they become available.

Vulnerability/
CVE-2021-40339

high

7.5

28/1/2022

17/9/2024

CVE-2021-40339: OWASP Related Vulnerabilities in Hitachi Energy’s LinkOne Product

First published: Fri Jan 28 2022(Updated: )

Configuration vulnerability in Hitachi Energy LinkOne application due to the lack of HTTP Headers, allows an attacker that manages to exploit this vulnerability to retrieve sensitive information. This issue affects: Hitachi Energy LinkOne 3.20; 3.22; 3.23; 3.24; 3.25; 3.26.

Credit: cybersecurity@hitachienergy.com

Affected Software	Affected Version	How to fix
Hitachi Linkone	=3.20
Hitachi Linkone	=3.22
Hitachi Linkone	=3.23
Hitachi Linkone	=3.24
Hitachi Linkone	=3.25
Hitachi Linkone	=3.26

Remedy

For each version, apply security patch or update to LinkOne v3.27

Never miss a vulnerability like this again

Reference Links

https://search.abb.com/library/Download.aspx?DocumentID=8DBD000079&LanguageCode=en&DocumentPartId=&Action=Launch

Frequently Asked Questions

What is CVE-2021-40339 vulnerability?
CVE-2021-40339 is a configuration vulnerability in the Hitachi Energy LinkOne application that allows an attacker to retrieve sensitive information due to the lack of HTTP Headers.
Which versions of Hitachi Energy LinkOne are affected by CVE-2021-40339?
Hitachi Energy LinkOne versions 3.20, 3.22, 3.23, 3.24, 3.25, and 3.26 are affected.
What is the severity of CVE-2021-40339?
CVE-2021-40339 has a severity rating of 7.5 out of 10 (high severity).
How can an attacker exploit CVE-2021-40339?
An attacker can exploit CVE-2021-40339 by taking advantage of the lack of HTTP Headers in the Hitachi Energy LinkOne application to retrieve sensitive information.
Is there a fix available for CVE-2021-40339?
At the moment, there is no specific fix available for CVE-2021-40339. It is recommended to follow the guidance provided by the vendor and implement any security updates or patches as they become available.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/title
agent/remedy
agent/references
agent/severity
agent/last-modified-date
agent/tags
agent/description
agent/first-publish-date
agent/event
vendor/hitachi
canonical/hitachi linkone
version/hitachi linkone/3.20
version/hitachi linkone/3.22
version/hitachi linkone/3.23
version/hitachi linkone/3.24
version/hitachi linkone/3.25
version/hitachi linkone/3.26

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.