Search criteria
8 vulnerabilities by Fujitsu Limited
CVE-2025-57846 (GCVE-0-2025-57846)
Vulnerability from cvelistv5 – Published: 2025-08-27 05:28 – Updated: 2025-08-27 14:52
VLAI?
Summary
Multiple i-フィルター products contain an issue with incorrect default permissions. If this vulnerability is exploited, a local authenticated attacker may replace a service executable on the system where the product is running, potentially allowing arbitrary code execution with SYSTEM privileges.
Severity ?
CWE
- CWE-276 - Incorrect default permissions
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Digital Arts Inc. | i-フィルター 6.0 |
Affected:
prior to 6.00.55
|
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-57846",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-27T14:47:59.700143Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T14:52:39.319Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "i-\u30d5\u30a3\u30eb\u30bf\u30fc 6.0",
"vendor": "Digital Arts Inc.",
"versions": [
{
"status": "affected",
"version": "prior to 6.00.55"
}
]
},
{
"product": "i-\u30d5\u30a3\u30eb\u30bf\u30fc for \u30de\u30eb\u30c1\u30c7\u30d0\u30a4\u30b9",
"vendor": "Digital Arts Inc.",
"versions": [
{
"status": "affected",
"version": "prior to 6.00.55 (Windows version only)"
}
]
},
{
"product": "i-\u30d5\u30a3\u30eb\u30bf\u30fc for ZAQ",
"vendor": "Digital Arts Inc.",
"versions": [
{
"status": "affected",
"version": "prior to 6.00.55 (Windows version only)"
}
]
},
{
"product": "i-\u30d5\u30a3\u30eb\u30bf\u30fc for \u30cd\u30c3\u30c8\u30ab\u30d5\u30a7",
"vendor": "Digital Arts Inc.",
"versions": [
{
"status": "affected",
"version": "prior to 6.10.55"
}
]
},
{
"product": "i-FILTER \u30d6\u30e9\u30a6\u30b6\u30fc\uff06\u30af\u30e9\u30a6\u30c9 MultiAgent for Windows",
"vendor": "Digital Arts Inc.",
"versions": [
{
"status": "affected",
"version": "prior to 4.93.R11"
}
]
},
{
"product": "FENCE-Mobile RemoteManager i-FILTER Browser Service",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "prior to 4.93R11"
}
]
},
{
"product": "Optimal Biz Web Filtering Powered by i-FILTER (Windows version)",
"vendor": "OPTiM Corporation",
"versions": [
{
"status": "affected",
"version": "prior to 4.93R11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple i-\u30d5\u30a3\u30eb\u30bf\u30fc products contain an issue with incorrect default permissions. If this vulnerability is exploited, a local authenticated attacker may replace a service executable on the system where the product is running, potentially allowing arbitrary code execution with SYSTEM privileges."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "Incorrect default permissions",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T05:28:42.925Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.daj.jp/shared/php/downloadset/c/parts.php?page=dl\u0026filename=information_20250827_01.pdf"
},
{
"url": "https://www.daj.jp/shared/php/downloadset/c/parts.php?page=dl\u0026filename=information_20250827_02.pdf"
},
{
"url": "https://jvn.jp/en/jp/JVN55678602/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2025-57846",
"datePublished": "2025-08-27T05:28:42.925Z",
"dateReserved": "2025-08-21T04:04:10.182Z",
"dateUpdated": "2025-08-27T14:52:39.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-40617 (GCVE-0-2024-40617)
Vulnerability from cvelistv5 – Published: 2024-07-17 08:44 – Updated: 2024-10-29 20:04
VLAI?
Summary
Path traversal vulnerability exists in FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS). If a remote authenticated attacker with User Class privilege sends a specially crafted request to the affected product, access restricted files containing sensitive information may be accessed. As a result, Administrator Class privileges of the product may be hijacked.
Severity ?
6.5 (Medium)
CWE
- Path traversal
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fujitsu Limited | FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS) |
Affected:
prior to V02L19C01
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-40617",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-23T13:18:04.112623Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T20:04:48.758Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:33:12.034Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://fenics.fujitsu.com/networkservice/m2m/download/update-m.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN25583987/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS)",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "prior to V02L19C01"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Path traversal vulnerability exists in FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS). If a remote authenticated attacker with User Class privilege sends a specially crafted request to the affected product, access restricted files containing sensitive information may be accessed. As a result, Administrator Class privileges of the product may be hijacked."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Path traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T08:44:44.939Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://fenics.fujitsu.com/networkservice/m2m/download/update-m.html"
},
{
"url": "https://jvn.jp/en/jp/JVN25583987/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2024-40617",
"datePublished": "2024-07-17T08:44:44.939Z",
"dateReserved": "2024-07-08T00:59:01.182Z",
"dateUpdated": "2024-10-29T20:04:48.758Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39379 (GCVE-0-2023-39379)
Vulnerability from cvelistv5 – Published: 2023-08-04 09:43 – Updated: 2024-10-21 19:29
VLAI?
Summary
Fujitsu Software Infrastructure Manager (ISM) stores sensitive information at the product's maintenance data (ismsnap) in cleartext form. As a result, the password for the proxy server that is configured in ISM may be retrieved. Affected products and versions are as follows: Fujitsu Software Infrastructure Manager Advanced Edition V2.8.0.060, Fujitsu Software Infrastructure Manager Advanced Edition for PRIMEFLEX V2.8.0.060, and Fujitsu Software Infrastructure Manager Essential Edition V2.8.0.060.
Severity ?
No CVSS data available.
CWE
- Cleartext storage of sensitive information
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Fujitsu Limited | Fujitsu Software Infrastructure Manager Advanced Edition |
Affected:
V2.8.0.060
|
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.287Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.ts.fujitsu.com/IndexProdSecurity.asp?lng=en"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN38847224/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39379",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-21T19:29:16.035409Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-21T19:29:32.915Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fujitsu Software Infrastructure Manager Advanced Edition",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "V2.8.0.060"
}
]
},
{
"product": "Fujitsu Software Infrastructure Manager Advanced Edition for PRIMEFLEX",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "V2.8.0.060"
}
]
},
{
"product": "Fujitsu Software Infrastructure Manager Essential Edition",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "V2.8.0.060"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Fujitsu Software Infrastructure Manager (ISM) stores sensitive information at the product\u0027s maintenance data (ismsnap) in cleartext form. As a result, the password for the proxy server that is configured in ISM may be retrieved. Affected products and versions are as follows: Fujitsu Software Infrastructure Manager Advanced Edition V2.8.0.060, Fujitsu Software Infrastructure Manager Advanced Edition for PRIMEFLEX V2.8.0.060, and Fujitsu Software Infrastructure Manager Essential Edition V2.8.0.060.\r\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cleartext storage of sensitive information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-04T09:43:32.360Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://support.ts.fujitsu.com/IndexProdSecurity.asp?lng=en"
},
{
"url": "https://jvn.jp/en/jp/JVN38847224/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2023-39379",
"datePublished": "2023-08-04T09:43:32.360Z",
"dateReserved": "2023-07-31T02:14:34.126Z",
"dateUpdated": "2024-10-21T19:29:32.915Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38433 (GCVE-0-2023-38433)
Vulnerability from cvelistv5 – Published: 2023-07-26 07:44 – Updated: 2024-10-23 14:50
VLAI?
Summary
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions V01L001 to V01L053, IP-HE950D firmware versions V01L001 to V01L053, IP-HE900E firmware versions V01L001 to V01L010, IP-HE900D firmware versions V01L001 to V01L004, IP-900E / IP-920E firmware versions V01L001 to V02L061, IP-900D / IP-900ⅡD / IP-920D firmware versions V01L001 to V02L061, IP-90 firmware versions V01L001 to V01L013, and IP-9610 firmware versions V01L001 to V02L007.
Severity ?
No CVSS data available.
CWE
- Use of Hard-coded Credentials
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Fujitsu Limited | IP-HE950E |
Affected:
firmware versions V01L001 to V01L053
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:39:13.693Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.fujitsu.com/global/products/computing/peripheral/video/download/"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN95727578/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:fujitsu:ip-he950e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ip-he950e",
"vendor": "fujitsu",
"versions": [
{
"lessThanOrEqual": "V01L053",
"status": "affected",
"version": "V01L001",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fujitsu:ip-he950d_firmware:v01l001:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ip-he950d_firmware",
"vendor": "fujitsu",
"versions": [
{
"lessThanOrEqual": "V01L053",
"status": "affected",
"version": "v01l001",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fujitsu:ip-he900e_firmware:v01l001:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ip-he900e_firmware",
"vendor": "fujitsu",
"versions": [
{
"lessThanOrEqual": "V01L010",
"status": "affected",
"version": "v01l001",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fujitsu:ip-he900d_firmware:v01l001:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ip-he900d_firmware",
"vendor": "fujitsu",
"versions": [
{
"lessThanOrEqual": "V01L004",
"status": "affected",
"version": "v01l001",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fujitsu:ip-900e_firmware:v01l001:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ip-900e_firmware",
"vendor": "fujitsu",
"versions": [
{
"lessThanOrEqual": "V02L061",
"status": "affected",
"version": "v01l001",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fujitsu:ip-920e_firmware:v01l001:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ip-920e_firmware",
"vendor": "fujitsu",
"versions": [
{
"lessThanOrEqual": "V02L061",
"status": "affected",
"version": "v01l001",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fujitsu:ip-900d_firmware:v01l001:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ip-900d_firmware",
"vendor": "fujitsu",
"versions": [
{
"lessThanOrEqual": "V02L061",
"status": "affected",
"version": "v01l001",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fujitsu:ip-900iid_firmware:v01l001:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ip-900iid_firmware",
"vendor": "fujitsu",
"versions": [
{
"lessThanOrEqual": "V02L061",
"status": "affected",
"version": "v01l001",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fujitsu:ip-920d_firmware:v01l001:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ip-920d_firmware",
"vendor": "fujitsu",
"versions": [
{
"lessThanOrEqual": "V02L061",
"status": "affected",
"version": "v01l001",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fujitsu:ip-90:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ip-90",
"vendor": "fujitsu",
"versions": [
{
"lessThanOrEqual": "V01L013",
"status": "affected",
"version": "V01L001",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fujitsu:ip-9610_firmware:v01l001:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ip-9610_firmware",
"vendor": "fujitsu",
"versions": [
{
"lessThanOrEqual": "V02L007",
"status": "affected",
"version": "v01l001",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38433",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:27:21.919772Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T14:50:47.908Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "IP-HE950E",
"vendor": "Fujitsu Limited ",
"versions": [
{
"status": "affected",
"version": "firmware versions V01L001 to V01L053"
}
]
},
{
"product": "IP-HE950D",
"vendor": "Fujitsu Limited ",
"versions": [
{
"status": "affected",
"version": "firmware versions V01L001 to V01L053"
}
]
},
{
"product": "IP-HE900E",
"vendor": "Fujitsu Limited ",
"versions": [
{
"status": "affected",
"version": "firmware versions V01L001 to V01L010"
}
]
},
{
"product": "IP-HE900D",
"vendor": "Fujitsu Limited ",
"versions": [
{
"status": "affected",
"version": "firmware versions V01L001 to V01L004"
}
]
},
{
"product": "IP-900E / IP-920E",
"vendor": "Fujitsu Limited ",
"versions": [
{
"status": "affected",
"version": "firmware versions V01L001 to V02L061"
}
]
},
{
"product": "IP-900D / IP-900\u2161D / IP-920D",
"vendor": "Fujitsu Limited ",
"versions": [
{
"status": "affected",
"version": "firmware versions V01L001 to V02L061"
}
]
},
{
"product": "IP-90",
"vendor": "Fujitsu Limited ",
"versions": [
{
"status": "affected",
"version": "firmware versions V01L001 to V01L013"
}
]
},
{
"product": "IP-9610",
"vendor": "Fujitsu Limited ",
"versions": [
{
"status": "affected",
"version": "firmware versions V01L001 to V02L007"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Fujitsu Real-time Video Transmission Gear \"IP series\" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions V01L001 to V01L053, IP-HE950D firmware versions V01L001 to V01L053, IP-HE900E firmware versions V01L001 to V01L010, IP-HE900D firmware versions V01L001 to V01L004, IP-900E / IP-920E firmware versions V01L001 to V02L061, IP-900D / IP-900\u2161D / IP-920D firmware versions V01L001 to V02L061, IP-90 firmware versions V01L001 to V01L013, and IP-9610 firmware versions V01L001 to V02L007."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use of Hard-coded Credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-26T07:44:04.302Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.fujitsu.com/global/products/computing/peripheral/video/download/"
},
{
"url": "https://jvn.jp/en/jp/JVN95727578/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2023-38433",
"datePublished": "2023-07-26T07:44:04.302Z",
"dateReserved": "2023-07-18T00:32:29.582Z",
"dateUpdated": "2024-10-23T14:50:47.908Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38555 (GCVE-0-2023-38555)
Vulnerability from cvelistv5 – Published: 2023-07-26 07:43 – Updated: 2024-11-14 15:00
VLAI?
Summary
Authentication bypass vulnerability in Fujitsu network devices Si-R series and SR-M series allows a network-adjacent unauthenticated attacker to obtain, change, and/or reset configuration settings of the affected products. Affected products and versions are as follows: Si-R 30B all versions, Si-R 130B all versions, Si-R 90brin all versions, Si-R570B all versions, Si-R370B all versions, Si-R220D all versions, Si-R G100 V02.54 and earlier, Si-R G200 V02.54 and earlier, Si-R G100B V04.12 and earlier, Si-R G110B V04.12 and earlier, Si-R G200B V04.12 and earlier, Si-R G210 V20.52 and earlier, Si-R G211 V20.52 and earlier, Si-R G120 V20.52 and earlier, Si-R G121 V20.52 and earlier, and SR-M 50AP1 all versions.
Severity ?
No CVSS data available.
CWE
- Authentication bypass
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Fujitsu Limited | Si-R 30B |
Affected:
All versions
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:46:56.080Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.fujitsu.com/jp/products/network/support/2023/fjlan-01/"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/vu/JVNVU96643580/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38555",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-14T15:00:40.540182Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T15:00:48.965Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Si-R 30B",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"product": "Si-R 130B",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"product": "Si-R 90brin",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"product": "Si-R570B",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"product": "Si-R370B",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"product": "Si-R220D",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"product": "Si-R G100",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "V02.54 and earlier "
}
]
},
{
"product": "Si-R G200",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "V02.54 and earlier "
}
]
},
{
"product": "Si-R G100B",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "V04.12 and earlier "
}
]
},
{
"product": "Si-R G110B",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "V04.12 and earlier "
}
]
},
{
"product": "Si-R G200B",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "V04.12 and earlier "
}
]
},
{
"product": "Si-R G210",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "V20.52 and earlier "
}
]
},
{
"product": "Si-R G211",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "V20.52 and earlier "
}
]
},
{
"product": "Si-R G120",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "V20.52 and earlier "
}
]
},
{
"product": "Si-R G121",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "V20.52 and earlier "
}
]
},
{
"product": "SR-M 50AP1",
"vendor": "Fujitsu Limited",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Authentication bypass vulnerability in Fujitsu network devices Si-R series and SR-M series allows a network-adjacent unauthenticated attacker to obtain, change, and/or reset configuration settings of the affected products. Affected products and versions are as follows: Si-R 30B all versions, Si-R 130B all versions, Si-R 90brin all versions, Si-R570B all versions, Si-R370B all versions, Si-R220D all versions, Si-R G100 V02.54 and earlier, Si-R G200 V02.54 and earlier, Si-R G100B V04.12 and earlier, Si-R G110B V04.12 and earlier, Si-R G200B V04.12 and earlier, Si-R G210 V20.52 and earlier, Si-R G211 V20.52 and earlier, Si-R G120 V20.52 and earlier, Si-R G121 V20.52 and earlier, and SR-M 50AP1 all versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-26T07:43:21.819Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.fujitsu.com/jp/products/network/support/2023/fjlan-01/"
},
{
"url": "https://jvn.jp/en/vu/JVNVU96643580/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2023-38555",
"datePublished": "2023-07-26T07:43:21.819Z",
"dateReserved": "2023-07-20T04:38:59.286Z",
"dateUpdated": "2024-11-14T15:00:48.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22377 (GCVE-0-2023-22377)
Vulnerability from cvelistv5 – Published: 2023-02-15 00:00 – Updated: 2025-03-19 17:36
VLAI?
Summary
Improper restriction of XML external entity reference (XXE) vulnerability exists in tsClinical Define.xml Generator all versions (v1.0.0 to v1.4.0) and tsClinical Metadata Desktop Tools Version 1.0.3 to Version 1.1.0. If this vulnerability is exploited, an attacker may obtain an arbitrary file which meets a certain condition by reading a specially crafted XML file.
Severity ?
7.4 (High)
CWE
- Improper restriction of XML external entity reference
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| FUJITSU LIMITED | tsClinical Define.xml Generator and tsClinical Metadata Desktop Tools |
Affected:
tsClinical Define.xml Generator all versions (v1.0.0 to v1.4.0) and tsClinical Metadata Desktop Tools Version 1.0.3 to Version 1.1.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.571Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/tsClinical/tsc-desktop/security/advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN00712821/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-22377",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-19T17:35:26.210550Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T17:36:31.386Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "tsClinical Define.xml Generator and tsClinical Metadata Desktop Tools",
"vendor": "FUJITSU LIMITED",
"versions": [
{
"status": "affected",
"version": "tsClinical Define.xml Generator all versions (v1.0.0 to v1.4.0) and tsClinical Metadata Desktop Tools Version 1.0.3 to Version 1.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper restriction of XML external entity reference (XXE) vulnerability exists in tsClinical Define.xml Generator all versions (v1.0.0 to v1.4.0) and tsClinical Metadata Desktop Tools Version 1.0.3 to Version 1.1.0. If this vulnerability is exploited, an attacker may obtain an arbitrary file which meets a certain condition by reading a specially crafted XML file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper restriction of XML external entity reference",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-15T00:00:00.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://github.com/tsClinical/tsc-desktop/security/advisories"
},
{
"url": "https://jvn.jp/en/jp/JVN00712821/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2023-22377",
"datePublished": "2023-02-15T00:00:00.000Z",
"dateReserved": "2022-12-28T00:00:00.000Z",
"dateUpdated": "2025-03-19T17:36:31.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-29516 (GCVE-0-2022-29516)
Vulnerability from cvelistv5 – Published: 2022-05-18 09:50 – Updated: 2024-08-03 06:26
VLAI?
Summary
The web console of FUJITSU Network IPCOM series (IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100, 3200, 3500), IPCOM EX2 SC(1100, 3200, 3500), IPCOM EX2 NW(1100, 3200, 3500), IPCOM EX2 DC, IPCOM EX2 DC, IPCOM EX IN(2300, 2500, 2700), IPCOM EX LB(1100, 1300, 2300, 2500, 2700), IPCOM EX SC(1100, 1300, 2300, 2500, 2700), and IPCOM EX NW(1100, 1300, 2300, 2500, 2700)) allows a remote attacker to execute an arbitrary OS command via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| FUJITSU LIMITED | IPCOM EX2 series, IPCOM EX series, IPCOM VE2 series, and IPCOM VA2/VE1 series |
Affected:
IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100, 3200, 3500), IPCOM EX2 SC(1100, 3200, 3500), IPCOM EX2 NW(1100, 3200, 3500), IPCOM EX2 DC, IPCOM EX2 DC, IPCOM EX IN(2300, 2500, 2700), IPCOM EX LB(1100, 1300, 2300, 2500, 2700), IPCOM EX SC(1100, 1300, 2300, 2500, 2700), and IPCOM EX NW(1100, 1300, 2300, 2500, 2700)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:26:06.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.fujitsu.com/jp/products/network/support/2022/ipcom-01/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN96561229/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IPCOM EX2 series, IPCOM EX series, IPCOM VE2 series, and IPCOM VA2/VE1 series",
"vendor": "FUJITSU LIMITED",
"versions": [
{
"status": "affected",
"version": "IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100, 3200, 3500), IPCOM EX2 SC(1100, 3200, 3500), IPCOM EX2 NW(1100, 3200, 3500), IPCOM EX2 DC, IPCOM EX2 DC, IPCOM EX IN(2300, 2500, 2700), IPCOM EX LB(1100, 1300, 2300, 2500, 2700), IPCOM EX SC(1100, 1300, 2300, 2500, 2700), and IPCOM EX NW(1100, 1300, 2300, 2500, 2700)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The web console of FUJITSU Network IPCOM series (IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100, 3200, 3500), IPCOM EX2 SC(1100, 3200, 3500), IPCOM EX2 NW(1100, 3200, 3500), IPCOM EX2 DC, IPCOM EX2 DC, IPCOM EX IN(2300, 2500, 2700), IPCOM EX LB(1100, 1300, 2300, 2500, 2700), IPCOM EX SC(1100, 1300, 2300, 2500, 2700), and IPCOM EX NW(1100, 1300, 2300, 2500, 2700)) allows a remote attacker to execute an arbitrary OS command via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-18T09:50:24",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.fujitsu.com/jp/products/network/support/2022/ipcom-01/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN96561229/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-29516",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IPCOM EX2 series, IPCOM EX series, IPCOM VE2 series, and IPCOM VA2/VE1 series",
"version": {
"version_data": [
{
"version_value": "IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100, 3200, 3500), IPCOM EX2 SC(1100, 3200, 3500), IPCOM EX2 NW(1100, 3200, 3500), IPCOM EX2 DC, IPCOM EX2 DC, IPCOM EX IN(2300, 2500, 2700), IPCOM EX LB(1100, 1300, 2300, 2500, 2700), IPCOM EX SC(1100, 1300, 2300, 2500, 2700), and IPCOM EX NW(1100, 1300, 2300, 2500, 2700)"
}
]
}
}
]
},
"vendor_name": "FUJITSU LIMITED"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web console of FUJITSU Network IPCOM series (IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100, 3200, 3500), IPCOM EX2 SC(1100, 3200, 3500), IPCOM EX2 NW(1100, 3200, 3500), IPCOM EX2 DC, IPCOM EX2 DC, IPCOM EX IN(2300, 2500, 2700), IPCOM EX LB(1100, 1300, 2300, 2500, 2700), IPCOM EX SC(1100, 1300, 2300, 2500, 2700), and IPCOM EX NW(1100, 1300, 2300, 2500, 2700)) allows a remote attacker to execute an arbitrary OS command via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.fujitsu.com/jp/products/network/support/2022/ipcom-01/",
"refsource": "MISC",
"url": "https://www.fujitsu.com/jp/products/network/support/2022/ipcom-01/"
},
{
"name": "https://jvn.jp/en/jp/JVN96561229/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN96561229/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-29516",
"datePublished": "2022-05-18T09:50:24",
"dateReserved": "2022-04-28T00:00:00",
"dateUpdated": "2024-08-03T06:26:06.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10855 (GCVE-0-2017-10855)
Vulnerability from cvelistv5 – Published: 2017-09-15 17:00 – Updated: 2024-08-05 17:50
VLAI?
Summary
Untrusted search path vulnerability in FENCE-Explorer for Windows V8.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Severity ?
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| FUJITSU LIMITED | FENCE-Explorer for Windows |
Affected:
V8.4.1 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:12.532Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#57205588",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN57205588/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fujitsu.com/jp/group/bsc/services/fence/info-2017080101.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FENCE-Explorer for Windows",
"vendor": "FUJITSU LIMITED ",
"versions": [
{
"status": "affected",
"version": "V8.4.1 and earlier"
}
]
}
],
"datePublic": "2017-09-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in FENCE-Explorer for Windows V8.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-15T16:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#57205588",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN57205588/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fujitsu.com/jp/group/bsc/services/fence/info-2017080101.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10855",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FENCE-Explorer for Windows",
"version": {
"version_data": [
{
"version_value": "V8.4.1 and earlier"
}
]
}
}
]
},
"vendor_name": "FUJITSU LIMITED "
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in FENCE-Explorer for Windows V8.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#57205588",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN57205588/index.html"
},
{
"name": "http://www.fujitsu.com/jp/group/bsc/services/fence/info-2017080101.html",
"refsource": "MISC",
"url": "http://www.fujitsu.com/jp/group/bsc/services/fence/info-2017080101.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10855",
"datePublished": "2017-09-15T17:00:00",
"dateReserved": "2017-07-04T00:00:00",
"dateUpdated": "2024-08-05T17:50:12.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}