All the vulnerabilites related to NEC Corporation - CLUSTERPRO X (EXPRESSCLUSTER X)
cve-2023-39548
Vulnerability from cvelistv5
Published
2023-11-17 05:31
Modified
2024-08-29 14:23
Severity ?
EPSS score ?
Summary
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:21.146Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://jpn.nec.com/security-info/secinfo/nv23-009_en.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:nec_corporation:clusterpro_x_singleserversafe\\/expresscluster_x_singleserversafe\\/:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "clusterpro_x_singleserversafe\\/expresscluster_x_singleserversafe\\/", "vendor": "nec_corporation", "versions": [ { "status": "affected", "version": "1.0" }, { "status": "affected", "version": "2.0" }, { "status": "affected", "version": "2.1" }, { "status": "affected", "version": "3.0" }, { "status": "affected", "version": "3.1" }, { "status": "affected", "version": "3.2" }, { "status": "affected", "version": "4.0" }, { "status": "affected", "version": "4.1" }, { "status": "affected", "version": "4.2" }, { "status": "affected", "version": "5.0" }, { "status": "affected", "version": "5.1" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-39548", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-29T14:17:21.435014Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-29T14:23:27.568Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "CLUSTERPRO X (EXPRESSCLUSTER X)", "vendor": "NEC Corporation", "versions": [ { "status": "affected", "version": "1.0, 2.0 2.1, 3.0, 3.1, 3.2, 4.0, 4.1, 4.2, 5.0 and 5.1" } ] }, { "product": "CLUSTERPRO X SingleServerSafe (EXPRESSCLUSTER X SingleServerSafe)", "vendor": "NEC Corporation", "versions": [ { "status": "affected", "version": "1.0, 2.0 2.1, 3.0, 3.1, 3.2, 4.0, 4.1, 4.2, 5.0 and 5.0" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Mr. David Levard in Videotron." } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eCLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.\u003c/p\u003e" } ], "value": "CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.\n\n" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-434", "description": "CWE-434 Unrestricted upload of file with dangerous type", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-24T11:51:09.351Z", "orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282", "shortName": "NEC" }, "references": [ { "url": "https://jpn.nec.com/security-info/secinfo/nv23-009_en.html" } ] } }, "cveMetadata": { "assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282", "assignerShortName": "NEC", "cveId": "CVE-2023-39548", "datePublished": "2023-11-17T05:31:40.336Z", "dateReserved": "2023-08-04T07:22:19.322Z", "dateUpdated": "2024-08-29T14:23:27.568Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39546
Vulnerability from cvelistv5
Published
2023-11-17 05:31
Modified
2024-08-29 14:33
Severity ?
EPSS score ?
Summary
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:21.152Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://jpn.nec.com/security-info/secinfo/nv23-009_en.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-39546", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-29T14:33:00.592206Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-29T14:33:29.801Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "CLUSTERPRO X (EXPRESSCLUSTER X)", "vendor": "NEC Corporation", "versions": [ { "status": "affected", "version": "1.0, 2.0 2.1, 3.0, 3.1, 3.2, 4.0, 4.1, 4.2, 5.0 and 5.1" } ] }, { "product": "CLUSTERPRO X SingleServerSafe (EXPRESSCLUSTER X SingleServerSafe)", "vendor": "NEC Corporation", "versions": [ { "status": "affected", "version": "1.0, 2.0 2.1, 3.0, 3.1, 3.2, 4.0, 4.1, 4.2, 5.0 and 5.1" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Mr. David Levard in Videotron." } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eCLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.\u003c/p\u003e" } ], "value": "CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.\n\n" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-836", "description": "CWE-836 Use of password hash instead of password for authentication", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-24T11:49:51.705Z", "orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282", "shortName": "NEC" }, "references": [ { "url": "https://jpn.nec.com/security-info/secinfo/nv23-009_en.html" } ] } }, "cveMetadata": { "assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282", "assignerShortName": "NEC", "cveId": "CVE-2023-39546", "datePublished": "2023-11-17T05:31:08.331Z", "dateReserved": "2023-08-04T07:22:19.322Z", "dateUpdated": "2024-08-29T14:33:29.801Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39547
Vulnerability from cvelistv5
Published
2023-11-17 05:31
Modified
2024-08-29 14:27
Severity ?
EPSS score ?
Summary
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:21.401Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://jpn.nec.com/security-info/secinfo/nv23-009_en.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:nec_corporation:clusterpro_x_singleserversafe\\/expresscluster_x_singleserversafe\\/:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "clusterpro_x_singleserversafe\\/expresscluster_x_singleserversafe\\/", "vendor": "nec_corporation", "versions": [ { "status": "affected", "version": "1.0" }, { "status": "affected", "version": "2.0" }, { "status": "affected", "version": "2.1" }, { "status": "affected", "version": "3.0" }, { "status": "affected", "version": "3.1" }, { "status": "affected", "version": "3.2" }, { "status": "affected", "version": "4.0" }, { "status": "affected", "version": "4.1" }, { "status": "affected", "version": "4.2" }, { "status": "affected", "version": "5.0" }, { "status": "affected", "version": "5.1" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-39547", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-29T14:25:13.395504Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-29T14:27:49.456Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "CLUSTERPRO X (EXPRESSCLUSTER X)", "vendor": "NEC Corporation", "versions": [ { "status": "affected", "version": "1.0, 2.0 2.1, 3.0, 3.1, 3.2, 4.0, 4.1, 4.2, 5.0 and 5.1" } ] }, { "product": "CLUSTERPRO X SingleServerSafe (EXPRESSCLUSTER X SingleServerSafe)", "vendor": "NEC Corporation", "versions": [ { "status": "affected", "version": "1.0, 2.0 2.1, 3.0, 3.1, 3.2, 4.0, 4.1, 4.2, 5.0 and 5.1" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Mr. David Levard in Videotron." } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eCLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.\u003c/p\u003e" } ], "value": "CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.\n\n" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-294", "description": "CWE-294 Authentication bypass by Capture-replay", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-24T11:50:37.452Z", "orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282", "shortName": "NEC" }, "references": [ { "url": "https://jpn.nec.com/security-info/secinfo/nv23-009_en.html" } ] } }, "cveMetadata": { "assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282", "assignerShortName": "NEC", "cveId": "CVE-2023-39547", "datePublished": "2023-11-17T05:31:27.701Z", "dateReserved": "2023-08-04T07:22:19.322Z", "dateUpdated": "2024-08-29T14:27:49.456Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39545
Vulnerability from cvelistv5
Published
2023-11-17 05:30
Modified
2024-08-29 14:31
Severity ?
EPSS score ?
Summary
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:21.356Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://jpn.nec.com/security-info/secinfo/nv23-009_en.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-39545", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-29T14:29:22.540390Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-29T14:31:29.147Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "CLUSTERPRO X (EXPRESSCLUSTER X)", "vendor": "NEC Corporation", "versions": [ { "status": "affected", "version": "1.0, 2.0 2.1, 3.0, 3.1, 3.2, 4.0, 4.1, 4.2, 5.0 and 5.1" } ] }, { "product": "CLUSTERPRO X SingleServerSafe (EXPRESSCLUSTER X SingleServerSafe)", "vendor": "NEC Corporation", "versions": [ { "status": "affected", "version": "1.0, 2.0 2.1, 3.0, 3.1, 3.2, 4.0, 4.1, 4.2, 5.0 and 5.1" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Mr. David Levard in Videotron." } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eCLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.\u003c/p\u003e" } ], "value": "CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.\n\n" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-552", "description": "CWE-552 Files or directories accessible to external parties", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-24T11:49:21.575Z", "orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282", "shortName": "NEC" }, "references": [ { "url": "https://jpn.nec.com/security-info/secinfo/nv23-009_en.html" } ] } }, "cveMetadata": { "assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282", "assignerShortName": "NEC", "cveId": "CVE-2023-39545", "datePublished": "2023-11-17T05:30:10.859Z", "dateReserved": "2023-08-04T07:22:19.322Z", "dateUpdated": "2024-08-29T14:31:29.147Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }