CVE-2026-2460

High

A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of directories by…

Hitachi Energy·CWE-267·Published 2026-02-24

CVSS

8.1

EPSS

0.00

KEV

Exploits

cve.orgen

199 chars

A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of directories by using the DAC protocol that the user is not authorized to do so.

NVDen

199 chars

A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of directories by using the DAC protocol that the user is not authorized to do so.

Existe una vulnerabilidad en REB500 para un usuario autenticado con privilegios de bajo nivel para acceder y alterar el contenido de directorios mediante el uso del protocolo DAC, para lo cual el usuario no está autorizado.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	8.1	2.8	5.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
4.0	Primary	cve.org	7.6	—	—	CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
4.0	Secondary	NVD	7.6	—	—	CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X