Search criteria
4 vulnerabilities found for STARDOM Controller by Yokogawa Electric Corporation
CVE-2022-30997 (GCVE-0-2022-30997)
Vulnerability from cvelistv5 – Published: 2022-06-28 10:06 – Updated: 2024-08-03 07:03
VLAI?
Summary
Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware.
Severity ?
6.3 (Medium)
CWE
- Use of Hard-coded Credentials
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Yokogawa Electric Corporation | STARDOM Controller |
Affected:
STARDOM FCN Controller and FCJ Controller R4.10 to R4.31
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:yokogawa:stardom_fcj_firmware:r4.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "stardom_fcj_firmware",
"vendor": "yokogawa",
"versions": [
{
"lessThanOrEqual": "r4.31",
"status": "affected",
"version": "r4.10",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:yokogawa:stardom_fcn_firmware:r4.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "stardom_fcn_firmware",
"vendor": "yokogawa",
"versions": [
{
"lessThanOrEqual": "r4.31",
"status": "affected",
"version": "r4.10",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-30997",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-26T19:56:59.327177Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-26T20:01:46.457Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:03:40.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "STARDOM Controller",
"vendor": "Yokogawa Electric Corporation",
"versions": [
{
"status": "affected",
"version": "STARDOM FCN Controller and FCJ Controller R4.10 to R4.31"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use of Hard-coded Credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-28T10:06:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-30997",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "STARDOM Controller",
"version": {
"version_data": [
{
"version_value": "STARDOM FCN Controller and FCJ Controller R4.10 to R4.31"
}
]
}
}
]
},
"vendor_name": "Yokogawa Electric Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of Hard-coded Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf",
"refsource": "MISC",
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"name": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf",
"refsource": "MISC",
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"name": "https://jvn.jp/vu/JVNVU95452299/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-30997",
"datePublished": "2022-06-28T10:06:01",
"dateReserved": "2022-05-31T00:00:00",
"dateUpdated": "2024-08-03T07:03:40.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-29519 (GCVE-0-2022-29519)
Vulnerability from cvelistv5 – Published: 2022-06-28 10:05 – Updated: 2024-08-03 06:26
VLAI?
Summary
Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware.
Severity ?
No CVSS data available.
CWE
- Cleartext Transmission of Sensitive Information
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Yokogawa Electric Corporation | STARDOM Controller |
Affected:
STARDOM FCN Controller and FCJ Controller R1.01 to R4.31
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:26:05.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "STARDOM Controller",
"vendor": "Yokogawa Electric Corporation",
"versions": [
{
"status": "affected",
"version": "STARDOM FCN Controller and FCJ Controller R1.01 to R4.31"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-28T10:05:31",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-29519",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "STARDOM Controller",
"version": {
"version_data": [
{
"version_value": "STARDOM FCN Controller and FCJ Controller R1.01 to R4.31"
}
]
}
}
]
},
"vendor_name": "Yokogawa Electric Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cleartext Transmission of Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf",
"refsource": "MISC",
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"name": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf",
"refsource": "MISC",
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"name": "https://jvn.jp/vu/JVNVU95452299/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-29519",
"datePublished": "2022-06-28T10:05:31",
"dateReserved": "2022-05-31T00:00:00",
"dateUpdated": "2024-08-03T06:26:05.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-30997 (GCVE-0-2022-30997)
Vulnerability from nvd – Published: 2022-06-28 10:06 – Updated: 2024-08-03 07:03
VLAI?
Summary
Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware.
Severity ?
6.3 (Medium)
CWE
- Use of Hard-coded Credentials
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Yokogawa Electric Corporation | STARDOM Controller |
Affected:
STARDOM FCN Controller and FCJ Controller R4.10 to R4.31
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:yokogawa:stardom_fcj_firmware:r4.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "stardom_fcj_firmware",
"vendor": "yokogawa",
"versions": [
{
"lessThanOrEqual": "r4.31",
"status": "affected",
"version": "r4.10",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:yokogawa:stardom_fcn_firmware:r4.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "stardom_fcn_firmware",
"vendor": "yokogawa",
"versions": [
{
"lessThanOrEqual": "r4.31",
"status": "affected",
"version": "r4.10",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-30997",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-26T19:56:59.327177Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-26T20:01:46.457Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:03:40.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "STARDOM Controller",
"vendor": "Yokogawa Electric Corporation",
"versions": [
{
"status": "affected",
"version": "STARDOM FCN Controller and FCJ Controller R4.10 to R4.31"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use of Hard-coded Credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-28T10:06:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-30997",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "STARDOM Controller",
"version": {
"version_data": [
{
"version_value": "STARDOM FCN Controller and FCJ Controller R4.10 to R4.31"
}
]
}
}
]
},
"vendor_name": "Yokogawa Electric Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of Hard-coded Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf",
"refsource": "MISC",
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"name": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf",
"refsource": "MISC",
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"name": "https://jvn.jp/vu/JVNVU95452299/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-30997",
"datePublished": "2022-06-28T10:06:01",
"dateReserved": "2022-05-31T00:00:00",
"dateUpdated": "2024-08-03T07:03:40.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-29519 (GCVE-0-2022-29519)
Vulnerability from nvd – Published: 2022-06-28 10:05 – Updated: 2024-08-03 06:26
VLAI?
Summary
Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware.
Severity ?
No CVSS data available.
CWE
- Cleartext Transmission of Sensitive Information
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Yokogawa Electric Corporation | STARDOM Controller |
Affected:
STARDOM FCN Controller and FCJ Controller R1.01 to R4.31
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:26:05.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "STARDOM Controller",
"vendor": "Yokogawa Electric Corporation",
"versions": [
{
"status": "affected",
"version": "STARDOM FCN Controller and FCJ Controller R1.01 to R4.31"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-28T10:05:31",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-29519",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "STARDOM Controller",
"version": {
"version_data": [
{
"version_value": "STARDOM FCN Controller and FCJ Controller R1.01 to R4.31"
}
]
}
}
]
},
"vendor_name": "Yokogawa Electric Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cleartext Transmission of Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf",
"refsource": "MISC",
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"name": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf",
"refsource": "MISC",
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"name": "https://jvn.jp/vu/JVNVU95452299/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-29519",
"datePublished": "2022-06-28T10:05:31",
"dateReserved": "2022-05-31T00:00:00",
"dateUpdated": "2024-08-03T06:26:05.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}