Search criteria
6 vulnerabilities found for easyblocks_ipv6_firmware by plathome
FKIE_CVE-2020-5549
Vulnerability from fkie_nvd - Published: 2020-04-08 08:15 - Updated: 2024-11-21 05:34
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier and Enterprise Ver. 2.0.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
References
| URL | Tags | ||
|---|---|---|---|
| vultures@jpcert.or.jp | https://jvn.jp/en/jp/JVN89224521/index.html | Third Party Advisory | |
| vultures@jpcert.or.jp | https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/ | Release Notes, Vendor Advisory | |
| vultures@jpcert.or.jp | https://www.plathome.co.jp/software/ipv6-v2-0-2/ | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jvn.jp/en/jp/JVN89224521/index.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/ | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.plathome.co.jp/software/ipv6-v2-0-2/ | Release Notes, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| plathome | easyblocks_ipv6_firmware | * | |
| plathome | easyblocks_ipv6 | - | |
| plathome | easyblocks_ipv6_enterprise_firmware | * | |
| plathome | easyblocks_ipv6_enterprise | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:plathome:easyblocks_ipv6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0537A892-BE9A-4707-963E-163C0B4934DD",
"versionEndIncluding": "2.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:plathome:easyblocks_ipv6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF8A592-8B61-4E1C-A9E7-407479110CA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:plathome:easyblocks_ipv6_enterprise_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF84DAC-72E4-433B-8FA5-DAF25F118647",
"versionEndIncluding": "2.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:plathome:easyblocks_ipv6_enterprise:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC8F7DB2-920B-4C7B-BECD-26FE71CEE893",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier and Enterprise Ver. 2.0.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo cross-site request forgery (CSRF) en EasyBlocks IPv6 versiones Ver. 2.0.1 y anteriores y Enterprise versiones Ver. 2.0.1 y anteriores, permite a atacantes remotos secuestrar la autenticaci\u00f3n de administradores por medio de vectores no especificados."
}
],
"id": "CVE-2020-5549",
"lastModified": "2024-11-21T05:34:15.410",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-08T08:15:12.483",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
],
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-5550
Vulnerability from fkie_nvd - Published: 2020-04-08 08:15 - Updated: 2024-11-21 05:34
Severity ?
Summary
Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier allows remote attackers to impersonate a registered user and log in the management console, that may result in information alteration/disclosure via unspecified vectors.
References
| URL | Tags | ||
|---|---|---|---|
| vultures@jpcert.or.jp | https://jvn.jp/en/jp/JVN89224521/index.html | Third Party Advisory | |
| vultures@jpcert.or.jp | https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/ | Release Notes, Vendor Advisory | |
| vultures@jpcert.or.jp | https://www.plathome.co.jp/software/ipv6-v2-0-2/ | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jvn.jp/en/jp/JVN89224521/index.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/ | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.plathome.co.jp/software/ipv6-v2-0-2/ | Release Notes, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| plathome | easyblocks_ipv6_firmware | * | |
| plathome | easyblocks_ipv6 | - | |
| plathome | easyblocks_ipv6_enterprise_firmware | * | |
| plathome | easyblocks_ipv6_enterprise | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:plathome:easyblocks_ipv6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0537A892-BE9A-4707-963E-163C0B4934DD",
"versionEndIncluding": "2.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:plathome:easyblocks_ipv6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF8A592-8B61-4E1C-A9E7-407479110CA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:plathome:easyblocks_ipv6_enterprise_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF84DAC-72E4-433B-8FA5-DAF25F118647",
"versionEndIncluding": "2.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:plathome:easyblocks_ipv6_enterprise:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC8F7DB2-920B-4C7B-BECD-26FE71CEE893",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier allows remote attackers to impersonate a registered user and log in the management console, that may result in information alteration/disclosure via unspecified vectors."
},
{
"lang": "es",
"value": "Una vulnerabilidad de fijaci\u00f3n de sesi\u00f3n en EasyBlocks IPv6 versi\u00f3n Ver. 2.0.1 y anteriores, y Enterprise versi\u00f3n Ver. 2.0.1 y anteriores, permite a atacantes remotos suplantar un usuario registrado e iniciar sesi\u00f3n en la consola de administraci\u00f3n, que puede resultar en una alteraci\u00f3n y divulgaci\u00f3n de informaci\u00f3n por medio de vectores no especificados."
}
],
"id": "CVE-2020-5550",
"lastModified": "2024-11-21T05:34:15.510",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-08T08:15:12.593",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
],
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-384"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-5549 (GCVE-0-2020-5549)
Vulnerability from cvelistv5 – Published: 2020-04-08 07:50 – Updated: 2024-08-04 08:30
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier and Enterprise Ver. 2.0.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- Cross-site request forgery
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Plat'Home Co.,Ltd. | EasyBlocks IPv6 |
Affected:
Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:30:24.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EasyBlocks IPv6",
"vendor": "Plat\u0027Home Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier and Enterprise Ver. 2.0.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site request forgery",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-08T07:50:23",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2020-5549",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EasyBlocks IPv6",
"version": {
"version_data": [
{
"version_value": "Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "Plat\u0027Home Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier and Enterprise Ver. 2.0.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site request forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.plathome.co.jp/software/ipv6-v2-0-2/",
"refsource": "MISC",
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
},
{
"name": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/",
"refsource": "MISC",
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"name": "https://jvn.jp/en/jp/JVN89224521/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2020-5549",
"datePublished": "2020-04-08T07:50:23",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:30:24.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5550 (GCVE-0-2020-5550)
Vulnerability from cvelistv5 – Published: 2020-04-08 07:50 – Updated: 2024-08-04 08:30
VLAI?
Summary
Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier allows remote attackers to impersonate a registered user and log in the management console, that may result in information alteration/disclosure via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- Session fixation
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Plat'Home Co.,Ltd. | EasyBlocks IPv6 |
Affected:
Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:30:24.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EasyBlocks IPv6",
"vendor": "Plat\u0027Home Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier allows remote attackers to impersonate a registered user and log in the management console, that may result in information alteration/disclosure via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Session fixation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-08T07:50:23",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2020-5550",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EasyBlocks IPv6",
"version": {
"version_data": [
{
"version_value": "Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "Plat\u0027Home Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier allows remote attackers to impersonate a registered user and log in the management console, that may result in information alteration/disclosure via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Session fixation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.plathome.co.jp/software/ipv6-v2-0-2/",
"refsource": "MISC",
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
},
{
"name": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/",
"refsource": "MISC",
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"name": "https://jvn.jp/en/jp/JVN89224521/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2020-5550",
"datePublished": "2020-04-08T07:50:23",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:30:24.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5549 (GCVE-0-2020-5549)
Vulnerability from nvd – Published: 2020-04-08 07:50 – Updated: 2024-08-04 08:30
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier and Enterprise Ver. 2.0.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- Cross-site request forgery
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Plat'Home Co.,Ltd. | EasyBlocks IPv6 |
Affected:
Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:30:24.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EasyBlocks IPv6",
"vendor": "Plat\u0027Home Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier and Enterprise Ver. 2.0.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site request forgery",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-08T07:50:23",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2020-5549",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EasyBlocks IPv6",
"version": {
"version_data": [
{
"version_value": "Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "Plat\u0027Home Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier and Enterprise Ver. 2.0.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site request forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.plathome.co.jp/software/ipv6-v2-0-2/",
"refsource": "MISC",
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
},
{
"name": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/",
"refsource": "MISC",
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"name": "https://jvn.jp/en/jp/JVN89224521/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2020-5549",
"datePublished": "2020-04-08T07:50:23",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:30:24.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5550 (GCVE-0-2020-5550)
Vulnerability from nvd – Published: 2020-04-08 07:50 – Updated: 2024-08-04 08:30
VLAI?
Summary
Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier allows remote attackers to impersonate a registered user and log in the management console, that may result in information alteration/disclosure via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- Session fixation
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Plat'Home Co.,Ltd. | EasyBlocks IPv6 |
Affected:
Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:30:24.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EasyBlocks IPv6",
"vendor": "Plat\u0027Home Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier allows remote attackers to impersonate a registered user and log in the management console, that may result in information alteration/disclosure via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Session fixation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-08T07:50:23",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2020-5550",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EasyBlocks IPv6",
"version": {
"version_data": [
{
"version_value": "Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "Plat\u0027Home Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier allows remote attackers to impersonate a registered user and log in the management console, that may result in information alteration/disclosure via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Session fixation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.plathome.co.jp/software/ipv6-v2-0-2/",
"refsource": "MISC",
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
},
{
"name": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/",
"refsource": "MISC",
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"name": "https://jvn.jp/en/jp/JVN89224521/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2020-5550",
"datePublished": "2020-04-08T07:50:23",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:30:24.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}