CVE-2024-2377

HIGH

SDM600 - Privilege Escalation

Title source: llm

Description

A vulnerability exists in the too permissive HTTP response header web server settings of the SDM600. An attacker can take advantage of this and possibly carry out privileged actions and access sensitive information.

References (1)

[Various Sources] https://publisher.hitachienergy.com/preview?DocumentId=8DBD000191&languageCode=en&Preview=true

Scores

CVSS v3 7.6

EPSS 0.0012

EPSS Percentile 31.3%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

Classification

CWE

CWE-346

Status draft

Timeline

Published Apr 30, 2024

Tracked Since Feb 18, 2026