Home

Description

RTU500 web interface: An unprivileged user can read user management information. The information cannot be accessed via the RTU500 web user interface but requires further tools like browser development utilities to access them without required privileges.

PUBLISHED Reserved 2026-02-02 | Published 2026-02-24 | Updated 2026-02-24 | Assigner Hitachi Energy




MEDIUM: 5.3CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-280 Improper Handling of Insufficient Permissions or Privileges

Product status

Default status
unaffected

12.7.1 (custom)
affected

13.5.1 (custom)
affected

13.6.1 (custom)
affected

13.7.1 (custom)
affected

13.8.1 (custom)
affected

References

publisher.hitachienergy.com/...DocumentPartId=&Action=Launch

cve.org (CVE-2026-1772)

nvd.nist.gov (CVE-2026-1772)

Download JSON