What is the severity of CVE-2023-2622?

The severity of CVE-2023-2622 is medium with a severity value of 4.3.

Which software is affected by CVE-2023-2622?

The Hitachienergy Modular Advanced Control For Hvdc software versions 7.10.0.0 to 7.18.0.0 are affected by CVE-2023-2622.

Is there a fix for CVE-2023-2622?

Currently, there is no information available regarding a fix for CVE-2023-2622. It is recommended to follow the guidance provided by the vendor and keep the software up to date.

Vulnerability/
CVE-2023-2622

medium

4.3

CWE

668

1/11/2023

2/8/2024

CVE-2023-2622

Q: What is CVE-2023-2622?

CVE-2023-2622 is a vulnerability that allows authenticated clients to read arbitrary files on the MAIN Computer system using the remote procedure call (RPC) of the InspectSetup service endpoint.

Q: How can authenticated clients exploit CVE-2023-2622?

Authenticated clients can exploit CVE-2023-2622 by using the remote procedure call (RPC) of the InspectSetup service endpoint to read arbitrary files on the MAIN Computer system.

First published: Wed Nov 01 2023(Updated: )

Authenticated clients can read arbitrary files on the MAIN Computer system using the remote procedure call (RPC) of the InspectSetup service endpoint. The low privilege client is then allowed to read arbitrary files that they do not have authorization to read.

Credit: cybersecurity@hitachienergy.com

Affected Software	Affected Version	How to fix
Hitachienergy Modular Advanced Control For Hvdc	>=7.10.0.0<=7.18.0.0

Never miss a vulnerability like this again

Reference Links

https://publisher.hitachienergy.com/preview?DocumentId=8DBD000177&languageCode=en&Preview=true

Frequently Asked Questions

What is CVE-2023-2622?
CVE-2023-2622 is a vulnerability that allows authenticated clients to read arbitrary files on the MAIN Computer system using the remote procedure call (RPC) of the InspectSetup service endpoint.
What is the severity of CVE-2023-2622?
The severity of CVE-2023-2622 is medium with a severity value of 4.3.
Which software is affected by CVE-2023-2622?
The Hitachienergy Modular Advanced Control For Hvdc software versions 7.10.0.0 to 7.18.0.0 are affected by CVE-2023-2622.
How can authenticated clients exploit CVE-2023-2622?
Authenticated clients can exploit CVE-2023-2622 by using the remote procedure call (RPC) of the InspectSetup service endpoint to read arbitrary files on the MAIN Computer system.
Is there a fix for CVE-2023-2622?
Currently, there is no information available regarding a fix for CVE-2023-2622. It is recommended to follow the guidance provided by the vendor and keep the software up to date.

collector/nvd-api
agent/type
agent/event
collector/mitre-cve
source/MITRE
agent/severity
agent/author
agent/weakness
agent/references
agent/softwarecombine
agent/description
agent/tags
agent/last-modified-date
agent/first-publish-date
vendor/hitachienergy
canonical/hitachienergy modular advanced control for hvdc
version/hitachienergy modular advanced control for hvdc/7.10.0.0
version/hitachienergy modular advanced control for hvdc/7.18.0.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.