All the vulnerabilites related to Yokogawa Electric Corporation - B/M9000 CS
jvndb-2023-001411
Vulnerability from jvndb
Published
2023-04-06 14:59
Modified
2024-05-29 18:23
Severity ?
Summary
Yokogawa Electric CENTUM series vulnerable to cleartext storage of sensitive information
Details
CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of sensitive information (CWE-312, CVE-2023-26593).
Yokogawa Electric Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.
References
| ▼ | Type | URL |
|---|---|---|
| JVN | https://jvn.jp/en/vu/JVNVU98775218/index.html | |
| CVE | https://www.cve.org/CVERecord?id=CVE-2023-26593 | |
| NVD | https://nvd.nist.gov/vuln/detail/CVE-2023-26593 | |
| Cleartext Storage of Sensitive Information(CWE-312) | https://cwe.mitre.org/data/definitions/312.html |
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-001411.html",
"dc:date": "2024-05-29T18:23+09:00",
"dcterms:issued": "2023-04-06T14:59+09:00",
"dcterms:modified": "2024-05-29T18:23+09:00",
"description": "CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of sensitive information (CWE-312, CVE-2023-26593).\r\n\r\nYokogawa Electric Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-001411.html",
"sec:cpe": [
{
"#text": "cpe:/a:yokogawa:b%2fm9000cs",
"@product": "B/M9000 CS",
"@vendor": "Yokogawa Electric Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:yokogawa:b%2fm9000_vp",
"@product": "B/M9000 VP",
"@vendor": "Yokogawa Electric Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:yokogawa:centum_cs_1000",
"@product": "CENTUM CS 1000",
"@vendor": "Yokogawa Electric Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:yokogawa:centum_cs_3000",
"@product": "CENTUM CS 3000",
"@vendor": "Yokogawa Electric Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:yokogawa:centum_vp",
"@product": "CENTUM VP",
"@vendor": "Yokogawa Electric Corporation",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "6.5",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2023-001411",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU98775218/index.html",
"@id": "JVNVU#98775218",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2023-26593",
"@id": "CVE-2023-26593",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-26593",
"@id": "CVE-2023-26593",
"@source": "NVD"
},
{
"#text": "https://cwe.mitre.org/data/definitions/312.html",
"@id": "CWE-312",
"@title": "Cleartext Storage of Sensitive Information(CWE-312)"
}
],
"title": "Yokogawa Electric CENTUM series vulnerable to cleartext storage of sensitive information"
}