Search criteria
5 vulnerabilities by FUJIFILM Business Innovation Corp.
CVE-2025-48499 (GCVE-0-2025-48499)
Vulnerability from cvelistv5 – Published: 2025-08-04 05:17 – Updated: 2025-08-07 16:05
VLAI?
Summary
Out-of-bounds write vulnerability exists in FUJIFILM Business Innovation MFPs. A specially crafted IPP (Internet Printing Protocol) or LPD (Line Printer Daemon) packet may cause a denial-of-service (DoS) condition on an affected MFP. Resetting the MFP is required to recover from the denial-of-service (DoS) condition.
Severity ?
5.3 (Medium)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48499",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-04T16:39:52.400612Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-07T16:05:44.214Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DocuPrint CP225 w",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "01.23.02 and earlier"
}
]
},
{
"product": "DocuPrint CP228 w",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "01.23.02 and earlier"
}
]
},
{
"product": "DocuPrint CP115 w",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "01.09.00 and earlier"
}
]
},
{
"product": "DocuPrint CP118 w",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "01.09.00 and earlier"
}
]
},
{
"product": "DocuPrint CP116 w",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "01.09.00 and earlier"
}
]
},
{
"product": "DocuPrint CP119 w",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "01.09.00 and earlier"
}
]
},
{
"product": "DocuPrint CM225 fw",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "01.12.02 and earlier"
}
]
},
{
"product": "DocuPrint CM228 fw",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "01.12.02 and earlier"
}
]
},
{
"product": "DocuPrint CM115 w",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "01.09.01 and earlier"
}
]
},
{
"product": "DocuPrint CM118 w",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "01.09.01 and earlier"
}
]
},
{
"product": "Apoes 2150 N",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "01.00.47 and earlier"
}
]
},
{
"product": "Apoes 2350 NDA",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "01.00.47 and earlier"
}
]
},
{
"product": "Apoes 2150 ND",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "01.00.47 and earlier"
}
]
},
{
"product": "Apoes 2150 NDA",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "01.00.47 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write vulnerability exists in FUJIFILM Business Innovation MFPs. A specially crafted IPP (Internet Printing Protocol) or LPD (Line Printer Daemon) packet may cause a denial-of-service (DoS) condition on an affected MFP. Resetting the MFP is required to recover from the denial-of-service (DoS) condition."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-04T05:17:01.537Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.fujifilm.com/fbglobal/eng/company/news/notice/2025/0804_announce.html"
},
{
"url": "https://jvn.jp/en/vu/JVNVU93897456/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2025-48499",
"datePublished": "2025-08-04T05:17:01.537Z",
"dateReserved": "2025-07-14T05:09:53.900Z",
"dateUpdated": "2025-08-07T16:05:44.214Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45320 (GCVE-0-2024-45320)
Vulnerability from cvelistv5 – Published: 2025-02-18 05:20 – Updated: 2025-02-18 14:58
VLAI?
Summary
Out-of-bounds write vulnerability exists in DocuPrint CP225w 01.22.01 and earlier, DocuPrint CP228w 01.22.01 and earlier, DocuPrint CM225fw 01.10.01 and earlier, and DocuPrint CM228fw 01.10.01 and earlier. If an affected MFP processes a specially crafted printer job file, a denial-of-service (DoS) condition may occur.
Severity ?
6.5 (Medium)
CWE
- CWE-787 - Out-of-bounds write
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| FUJIFILM Business Innovation Corp. | DocuPrint CP225w |
Affected:
01.22.01 and earlier
|
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45320",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-18T14:58:39.290272Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T14:58:44.985Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DocuPrint CP225w",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "01.22.01 and earlier"
}
]
},
{
"product": "DocuPrint CP228w",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "01.22.01 and earlier"
}
]
},
{
"product": "DocuPrint CM225fw",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "01.10.01 and earlier"
}
]
},
{
"product": "DocuPrint CM228fw",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "01.10.01 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write vulnerability exists in DocuPrint CP225w 01.22.01 and earlier, DocuPrint CP228w 01.22.01 and earlier, DocuPrint CM225fw 01.10.01 and earlier, and DocuPrint CM228fw 01.10.01 and earlier. If an affected MFP processes a specially crafted printer job file, a denial-of-service (DoS) condition may occur."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds write",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T05:20:23.570Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.fujifilm.com/fbglobal/eng/company/news/notice/2025/0217_announce.html"
},
{
"url": "https://jvn.jp/en/vu/JVNVU96297631/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2024-45320",
"datePublished": "2025-02-18T05:20:23.570Z",
"dateReserved": "2024-08-27T01:52:28.658Z",
"dateUpdated": "2025-02-18T14:58:44.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22475 (GCVE-0-2024-22475)
Vulnerability from cvelistv5 – Published: 2024-03-18 08:03 – Updated: 2024-10-27 21:26
VLAI?
Summary
Cross-site request forgery vulnerability in multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. allows a remote unauthenticated attacker to perform unintended operations on the affected product. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
Severity ?
6.1 (Medium)
CWE
- Cross-site request forgery (CSRF)
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| BROTHER INDUSTRIES, LTD. | Multiple printers and scanners |
Affected:
see the information provided by the vendor
|
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-22475",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T18:18:38.595032Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-27T21:26:34.557Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:51:09.846Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.brother.com/g/b/link.aspx?prod=group2\u0026faqid=faqp00100601_000"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.brother.com/g/b/link.aspx?prod=lmgroup1\u0026faqid=faq00100823_000"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.fujifilm.com/fbglobal/eng/company/news/notice/2024/0306_2_announce.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000002"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.toshibatec.com/information/20240306_01.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN82749078/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Multiple printers and scanners",
"vendor": "BROTHER INDUSTRIES, LTD.",
"versions": [
{
"status": "affected",
"version": "see the information provided by the vendor"
}
]
},
{
"product": "Multiple printers and scanners",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "see the information provided by the vendor"
}
]
},
{
"product": "Multiple printers and scanners",
"vendor": "Toshiba Tec Corporation",
"versions": [
{
"status": "affected",
"version": "see the information provided by the vendor"
}
]
},
{
"product": "Multiple printers and scanners",
"vendor": "RICOH COMPANY, LTD.",
"versions": [
{
"status": "affected",
"version": "see the information provided by the vendor"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery vulnerability in multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. allows a remote unauthenticated attacker to perform unintended operations on the affected product. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References]."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site request forgery (CSRF)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-18T08:03:36.146Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://support.brother.com/g/b/link.aspx?prod=group2\u0026faqid=faqp00100601_000"
},
{
"url": "https://support.brother.com/g/b/link.aspx?prod=lmgroup1\u0026faqid=faq00100823_000"
},
{
"url": "https://www.fujifilm.com/fbglobal/eng/company/news/notice/2024/0306_2_announce.html"
},
{
"url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000002"
},
{
"url": "https://www.toshibatec.com/information/20240306_01.html"
},
{
"url": "https://jvn.jp/en/jp/JVN82749078/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2024-22475",
"datePublished": "2024-03-18T08:03:36.146Z",
"dateReserved": "2024-02-09T04:42:38.473Z",
"dateUpdated": "2024-10-27T21:26:34.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21824 (GCVE-0-2024-21824)
Vulnerability from cvelistv5 – Published: 2024-03-18 08:01 – Updated: 2024-11-07 15:26
VLAI?
Summary
Improper authentication vulnerability in exists in multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. If this vulnerability is exploited, a network-adjacent user who can access the product may impersonate an administrative user. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
Severity ?
5.3 (Medium)
CWE
- Improper authentication
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| BROTHER INDUSTRIES, LTD. | Multiple printers and scanners |
Affected:
see the information provided by the vendor
|
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-21824",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T18:20:15.364083Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T15:26:23.509Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:27:36.289Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.brother.com/g/b/link.aspx?prod=group2\u0026faqid=faqp00100601_000"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.brother.com/g/b/link.aspx?prod=lmgroup1\u0026faqid=faq00100823_000"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.fujifilm.com/fbglobal/eng/company/news/notice/2024/0306_2_announce.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000002"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.toshibatec.com/information/20240306_01.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN82749078/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Multiple printers and scanners",
"vendor": "BROTHER INDUSTRIES, LTD.",
"versions": [
{
"status": "affected",
"version": "see the information provided by the vendor"
}
]
},
{
"product": "Multiple printers and scanners",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "see the information provided by the vendor"
}
]
},
{
"product": "Multiple printers and scanners",
"vendor": "Toshiba Tec Corporation",
"versions": [
{
"status": "affected",
"version": "see the information provided by the vendor"
}
]
},
{
"product": "Multiple printers and scanners",
"vendor": "RICOH COMPANY, LTD.",
"versions": [
{
"status": "affected",
"version": "see the information provided by the vendor"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper authentication vulnerability in exists in multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. If this vulnerability is exploited, a network-adjacent user who can access the product may impersonate an administrative user. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References]."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-18T08:01:57.734Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://support.brother.com/g/b/link.aspx?prod=group2\u0026faqid=faqp00100601_000"
},
{
"url": "https://support.brother.com/g/b/link.aspx?prod=lmgroup1\u0026faqid=faq00100823_000"
},
{
"url": "https://www.fujifilm.com/fbglobal/eng/company/news/notice/2024/0306_2_announce.html"
},
{
"url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000002"
},
{
"url": "https://www.toshibatec.com/information/20240306_01.html"
},
{
"url": "https://jvn.jp/en/jp/JVN82749078/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2024-21824",
"datePublished": "2024-03-18T08:01:57.734Z",
"dateReserved": "2024-02-09T04:42:37.389Z",
"dateUpdated": "2024-11-07T15:26:23.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-43460 (GCVE-0-2022-43460)
Vulnerability from cvelistv5 – Published: 2023-02-13 00:00 – Updated: 2025-03-21 18:34
VLAI?
Summary
Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a recoverable format. If an attacker obtains a configuration file of Driver Distributor, the encrypted administrator's credentials may be decrypted.
Severity ?
7.5 (High)
CWE
- Storing passwords in a recoverable format
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| FUJIFILM Business Innovation Corp. | Driver Distributor |
Affected:
v2.2.3.1 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:32:58.857Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.fujifilm.com/fbglobal/eng/company/news/notice/2023/0131_announce.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN22830348/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-43460",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-21T18:33:49.667259Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-21T18:34:23.542Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Driver Distributor",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "v2.2.3.1 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a recoverable format. If an attacker obtains a configuration file of Driver Distributor, the encrypted administrator\u0027s credentials may be decrypted."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Storing passwords in a recoverable format",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-13T00:00:00.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.fujifilm.com/fbglobal/eng/company/news/notice/2023/0131_announce.html"
},
{
"url": "https://jvn.jp/en/jp/JVN22830348/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-43460",
"datePublished": "2023-02-13T00:00:00.000Z",
"dateReserved": "2022-12-09T00:00:00.000Z",
"dateUpdated": "2025-03-21T18:34:23.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}