CVE-2021-35529 HIGH

CVE-2021-35529: Password in Memory Vulnerability in Retail Operations Product and Counterparty Settlement and Billing (CSB)

Vendor Hitachi Abb Power Grids
Product Retail Operations
Weakness CWE-522 · Insufficiently protected credentials
Published August 20, 2021
Last update September 17, 2024

CVSS base score

7.7/10
Attack vector Network
Attack complexity High
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N

What the vulnerability does

01Description

Insufficiently Protected Credentials vulnerability in client environment of Hitachi ABB Power Grids Retail Operations and Counterparty Settlement Billing (CSB) allows an attacker or unauthorized user to access database credentials, shut down the product and access or alter. This issue affects: Hitachi ABB Power Grids Retail Operations version 5.7.2 and prior versions. Hitachi ABB Power Grids Counterparty Settlement Billing (CSB) version 5.7.2 and prior versions.

Key dates

02Disclosure timeline

August 20, 2021 CVE published
September 17, 2024 Record updated