{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-24T03:26:36.020","vulnerabilities":[{"cve":{"id":"CVE-2024-28022","sourceIdentifier":"cybersecurity@hitachienergy.com","published":"2024-06-11T19:16:06.017","lastModified":"2025-04-29T19:40:10.683","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability exists in the UNEM server / APIGateway that if exploited allows a malicious user to perform an arbitrary number of\nauthentication attempts using different passwords, and eventually\ngain access to other components in the same security realm using\nthe targeted account."},{"lang":"es","value":"Existe una vulnerabilidad en el servidor/APIGateway de FOXMAN-UN/UNEM que, si se explota, permite a un usuario malintencionado realizar un número arbitrario de intentos de autenticación utilizando diferentes contraseñas y, finalmente, obtener acceso a la cuenta objetivo."}],"metrics":{"cvssMetricV31":[{"source":"cybersecurity@hitachienergy.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":3.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":3.7}]},"weaknesses":[{"source":"cybersecurity@hitachienergy.com","type":"Secondary","description":[{"lang":"en","value":"CWE-307"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-307"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hitachienergy:foxman-un:r15a:*:*:*:*:*:*:*","matchCriteriaId":"A7593C74-2882-45D3-AB32-3A45E3AECAAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:hitachienergy:foxman-un:r15b:*:*:*:*:*:*:*","matchCriteriaId":"47606044-296D-4561-B9DC-82659BC666F2"},{"vulnerable":true,"criteria":"cpe:2.3:a:hitachienergy:foxman-un:r16a:*:*:*:*:*:*:*","matchCriteriaId":"7EE987B2-0620-44BB-AEA7-4E20CBE44822"},{"vulnerable":true,"criteria":"cpe:2.3:a:hitachienergy:foxman-un:r16b:*:*:*:*:*:*:*","matchCriteriaId":"AE743C56-A17F-4FA7-9998-0C767E07518A"},{"vulnerable":true,"criteria":"cpe:2.3:a:hitachienergy:unem:r15a:*:*:*:*:*:*:*","matchCriteriaId":"E78C9E5B-5876-4F15-A98A-359193287446"},{"vulnerable":true,"criteria":"cpe:2.3:a:hitachienergy:unem:r15b:*:*:*:*:*:*:*","matchCriteriaId":"C3168F38-7B9E-4F4D-B6D0-1BAFB5FE05F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:hitachienergy:unem:r16a:*:*:*:*:*:*:*","matchCriteriaId":"7ABB4A53-07A0-4F9A-824B-A1AC71CCB44E"},{"vulnerable":true,"criteria":"cpe:2.3:a:hitachienergy:unem:r16b:*:*:*:*:*:*:*","matchCriteriaId":"ADA6755A-0553-4246-B462-7580B080FDEF"}]}]}],"references":[{"url":"https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194&languageCode=en&Preview=true","source":"cybersecurity@hitachienergy.com","tags":["Vendor Advisory"]},{"url":"https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true","source":"cybersecurity@hitachienergy.com","tags":["Vendor Advisory"]},{"url":"https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194&languageCode=en&Preview=true","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}