CVE-2026-2459

High

A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of directories that the…

Hitachi Energy·CWE-267·Published 2026-02-24

CVSS

8.1

EPSS

0.00

KEV

Exploits

cve.orgen

168 chars

A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of directories that the role is not authorized to do so.

NVDen

168 chars

A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of directories that the role is not authorized to do so.

Existe una vulnerabilidad en REB500 que hace que un usuario autenticado con rol de Instalador acceda y altere el contenido de directorios para los que el rol no está autorizado a hacerlo.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	8.1	2.8	5.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
4.0	Primary	cve.org	7.4	—	—	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
4.0	Secondary	NVD	7.4	—	—	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X