{ "document" : { "aggregate_severity" : { "text" : "niedrig" }, "category" : "csaf_base", "csaf_version" : "2.0", "distribution" : { "tlp" : { "label" : "WHITE", "url" : "https://www.first.org/tlp/" } }, "lang" : "de-DE", "notes" : [ { "category" : "legal_disclaimer", "text" : "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen." }, { "category" : "description", "text" : "Die Relion-Produktfamilie umfasst Produkte für Schutz, Steuerung, Messung und Überwachung von Energiesystemen für IEC- und ANSI-Anwendungen.", "title" : "Produktbeschreibung" }, { "category" : "summary", "text" : "Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Hitachi Energy Relion ausnutzen, um einen Denial of Service Angriff durchzuführen.", "title" : "Angriff" }, { "category" : "general", "text" : "- Applicance", "title" : "Betroffene Betriebssysteme" } ], "publisher" : { "category" : "other", "contact_details" : "csaf-provider@cert-bund.de", "name" : "Bundesamt für Sicherheit in der Informationstechnik", "namespace" : "https://www.bsi.bund.de" }, "references" : [ { "category" : "self", "summary" : "WID-SEC-W-2023-0610 - CSAF Version", "url" : "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0610.json" }, { "category" : "self", "summary" : "WID-SEC-2023-0610 - Portal Version", "url" : "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0610" }, { "category" : "external", "summary" : "CISA Security Advisory vom 2023-03-09", "url" : "https://www.cisa.gov/news-events/ics-advisories/icsa-23-068-05" } ], "source_lang" : "en-US", "title" : "Hitachi Energy Relion: Schwachstelle ermöglicht Denial of Service", "tracking" : { "current_release_date" : "2023-03-09T23:00:00.000+00:00", "generator" : { "date" : "2024-08-15T17:46:24.297+00:00", "engine" : { "name" : "BSI-WID", "version" : "1.3.5" } }, "id" : "WID-SEC-W-2023-0610", "initial_release_date" : "2023-03-09T23:00:00.000+00:00", "revision_history" : [ { "date" : "2023-03-09T23:00:00.000+00:00", "number" : "1", "summary" : "Initiale Fassung" } ], "status" : "final", "version" : "1" } }, "product_tree" : { "branches" : [ { "branches" : [ { "branches" : [ { "category" : "product_name", "name" : "Hitachi Energy Relion 670 2.2.0", "product" : { "name" : "Hitachi Energy Relion 670 2.2.0", "product_id" : "T026699", "product_identification_helper" : { "cpe" : "cpe:/h:abb:relion:670_2.2.0" } } }, { "category" : "product_name", "name" : "Hitachi Energy Relion 650 2.2.0", "product" : { "name" : "Hitachi Energy Relion 650 2.2.0", "product_id" : "T026700", "product_identification_helper" : { "cpe" : "cpe:/h:abb:relion:650_2.2.0" } } }, { "category" : "product_name", "name" : "Hitachi Energy Relion 670 2.2.2", "product" : { "name" : "Hitachi Energy Relion 670 2.2.2", "product_id" : "T026701", "product_identification_helper" : { "cpe" : "cpe:/h:abb:relion:670_2.2.2" } } }, { "category" : "product_name", "name" : "Hitachi Energy Relion 670 2.2.3", "product" : { "name" : "Hitachi Energy Relion 670 2.2.3", "product_id" : "T026702", "product_identification_helper" : { "cpe" : "cpe:/h:abb:relion:670_2.2.3" } } }, { "category" : "product_name", "name" : "Hitachi Energy Relion 670 2.2.4", "product" : { "name" : "Hitachi Energy Relion 670 2.2.4", "product_id" : "T026703", "product_identification_helper" : { "cpe" : "cpe:/h:abb:relion:670_2.2.4" } } }, { "category" : "product_name", "name" : "Hitachi Energy Relion 650 2.2.4", "product" : { "name" : "Hitachi Energy Relion 650 2.2.4", "product_id" : "T026704", "product_identification_helper" : { "cpe" : "cpe:/h:abb:relion:650_2.2.4" } } }, { "category" : "product_name", "name" : "Hitachi Energy Relion 650 2.2.5", "product" : { "name" : "Hitachi Energy Relion 650 2.2.5", "product_id" : "T026705", "product_identification_helper" : { "cpe" : "cpe:/h:abb:relion:650_2.2.5" } } }, { "category" : "product_name", "name" : "Hitachi Energy Relion 670 2.2.5", "product" : { "name" : "Hitachi Energy Relion 670 2.2.5", "product_id" : "T026706", "product_identification_helper" : { "cpe" : "cpe:/h:abb:relion:670_2.2.5" } } } ], "category" : "product_name", "name" : "Relion" } ], "category" : "vendor", "name" : "Hitachi Energy" } ] }, "vulnerabilities" : [ { "cve" : "CVE-2022-3864", "notes" : [ { "category" : "description", "text" : "Es existiert eine Schwachstelle in Hitachi Energy Relion. Daten werden nicht ausreichend validiert. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status" : { "known_affected" : [ "T026705", "T026706", "T026703", "T026704", "T026701", "T026702", "T026699", "T026700" ] }, "release_date" : "2023-03-09T23:00:00.000+00:00", "title" : "CVE-2022-3864" } ] }