Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
4 vulnerabilities by furuno
VAR-201809-0552
Vulnerability from variot - Updated: 2023-12-18 13:52FURUNO FELCOM 250 and 500 devices allow unauthenticated access to the xml/permission.xml file containing all of the system's usernames and passwords. This includes the Admin and Service user accounts and their unsalted MD5 hashes, as well as the SMS server password in cleartext. FURUNO FELCOM 250 and 500 The device contains a certificate / password management vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. FURUNO FELCOM 250 and 500 are shipborne communication equipment of Japan Furuno Electric Company. There is a security hole in the FURUNO FELCOM 250 and 500
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0552",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "felcom 500",
"scope": "eq",
"trust": 1.6,
"vendor": "furuno",
"version": null
},
{
"model": "felcom 250",
"scope": "eq",
"trust": 1.6,
"vendor": "furuno",
"version": null
},
{
"model": "felcom 250",
"scope": null,
"trust": 0.8,
"vendor": "furuno electric",
"version": null
},
{
"model": "felcom 500",
"scope": null,
"trust": 0.8,
"vendor": "furuno electric",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009807"
},
{
"db": "NVD",
"id": "CVE-2018-16705"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-446"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:furuno:felcom_250_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:furuno:felcom_250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:furuno:felcom_500_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:furuno:felcom_500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-16705"
}
]
},
"cve": "CVE-2018-16705",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-16705",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-127091",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-16705",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-16705",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-446",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-127091",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127091"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009807"
},
{
"db": "NVD",
"id": "CVE-2018-16705"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-446"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "FURUNO FELCOM 250 and 500 devices allow unauthenticated access to the xml/permission.xml file containing all of the system\u0027s usernames and passwords. This includes the Admin and Service user accounts and their unsalted MD5 hashes, as well as the SMS server password in cleartext. FURUNO FELCOM 250 and 500 The device contains a certificate / password management vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. FURUNO FELCOM 250 and 500 are shipborne communication equipment of Japan Furuno Electric Company. There is a security hole in the FURUNO FELCOM 250 and 500",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-16705"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009807"
},
{
"db": "VULHUB",
"id": "VHN-127091"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-16705",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009807",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201809-446",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-127091",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127091"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009807"
},
{
"db": "NVD",
"id": "CVE-2018-16705"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-446"
}
]
},
"id": "VAR-201809-0552",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-127091"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:52:33.015000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "\u30d5\u30ea\u30fc\u30c8\u30d6\u30ed\u30fc\u30c9\u30d0\u30f3\u30c9",
"trust": 0.8,
"url": "https://www.furuno.com/jp/merchant/fleetbroadband/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009807"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.1
},
{
"problemtype": "CWE-255",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127091"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009807"
},
{
"db": "NVD",
"id": "CVE-2018-16705"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://gist.github.com/cyberskr/c00eabd6b1d5603d724b615ab358ff31"
},
{
"trust": 1.7,
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16705"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16705"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127091"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009807"
},
{
"db": "NVD",
"id": "CVE-2018-16705"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-446"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-127091"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009807"
},
{
"db": "NVD",
"id": "CVE-2018-16705"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-446"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-127091"
},
{
"date": "2018-11-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009807"
},
{
"date": "2018-09-10T17:29:00.727000",
"db": "NVD",
"id": "CVE-2018-16705"
},
{
"date": "2018-09-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-446"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-127091"
},
{
"date": "2018-11-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009807"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2018-16705"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-446"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-446"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "FURUNO FELCOM 250 and 500 Vulnerability in certificate / password management on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009807"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-446"
}
],
"trust": 0.6
}
}
VAR-201809-0468
Vulnerability from variot - Updated: 2023-12-18 13:33FURUNO FELCOM 250 and 500 devices allow unauthenticated users to change the password for the Admin, Log and Service accounts, as well as the password for the protected "SMS" panel via /cgi-bin/sm_changepassword.cgi and /cgi-bin/sm_sms_changepasswd.cgi. FURUNO FELCOM 250 and 500 The device contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FURUNO FELCOM 250 and 500 are shipborne communication equipment of Japan Furuno Electric Company. The /cgi-bin/sm_changepassword.cgi file and the /cgi-bin/sm_sms_changepasswd.cgi file in FURUNO FELCOM 250 and 500 have an access control error vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0468",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "felcom 500",
"scope": "eq",
"trust": 1.6,
"vendor": "furuno",
"version": null
},
{
"model": "felcom 250",
"scope": "eq",
"trust": 1.6,
"vendor": "furuno",
"version": null
},
{
"model": "felcom 250",
"scope": null,
"trust": 0.8,
"vendor": "furuno electric",
"version": null
},
{
"model": "felcom 500",
"scope": null,
"trust": 0.8,
"vendor": "furuno electric",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009806"
},
{
"db": "NVD",
"id": "CVE-2018-16591"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-447"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:furuno:felcom_250_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:furuno:felcom_250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:furuno:felcom_500_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:furuno:felcom_500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-16591"
}
]
},
"cve": "CVE-2018-16591",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-16591",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-126966",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-16591",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-16591",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-447",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-126966",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-16591",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126966"
},
{
"db": "VULMON",
"id": "CVE-2018-16591"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009806"
},
{
"db": "NVD",
"id": "CVE-2018-16591"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-447"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "FURUNO FELCOM 250 and 500 devices allow unauthenticated users to change the password for the Admin, Log and Service accounts, as well as the password for the protected \"SMS\" panel via /cgi-bin/sm_changepassword.cgi and /cgi-bin/sm_sms_changepasswd.cgi. FURUNO FELCOM 250 and 500 The device contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FURUNO FELCOM 250 and 500 are shipborne communication equipment of Japan Furuno Electric Company. The /cgi-bin/sm_changepassword.cgi file and the /cgi-bin/sm_sms_changepasswd.cgi file in FURUNO FELCOM 250 and 500 have an access control error vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-16591"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009806"
},
{
"db": "VULHUB",
"id": "VHN-126966"
},
{
"db": "VULMON",
"id": "CVE-2018-16591"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-16591",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009806",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201809-447",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-126966",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-16591",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126966"
},
{
"db": "VULMON",
"id": "CVE-2018-16591"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009806"
},
{
"db": "NVD",
"id": "CVE-2018-16591"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-447"
}
]
},
"id": "VAR-201809-0468",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-126966"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:33:43.001000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "\u30d5\u30ea\u30fc\u30c8\u30d6\u30ed\u30fc\u30c9\u30d0\u30f3\u30c9",
"trust": 0.8,
"url": "https://www.furuno.com/jp/merchant/fleetbroadband/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009806"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-862",
"trust": 1.1
},
{
"problemtype": "CWE-284",
"trust": 0.9
},
{
"problemtype": "CWE-425",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126966"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009806"
},
{
"db": "NVD",
"id": "CVE-2018-16591"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://gist.github.com/cyberskr/2c30d964d48b5e1518ded88bd953b710"
},
{
"trust": 1.8,
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16591"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16591"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/862.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126966"
},
{
"db": "VULMON",
"id": "CVE-2018-16591"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009806"
},
{
"db": "NVD",
"id": "CVE-2018-16591"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-447"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-126966"
},
{
"db": "VULMON",
"id": "CVE-2018-16591"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009806"
},
{
"db": "NVD",
"id": "CVE-2018-16591"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-447"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-126966"
},
{
"date": "2018-09-10T00:00:00",
"db": "VULMON",
"id": "CVE-2018-16591"
},
{
"date": "2018-11-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009806"
},
{
"date": "2018-09-10T17:29:00.587000",
"db": "NVD",
"id": "CVE-2018-16591"
},
{
"date": "2018-09-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-447"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-126966"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2018-16591"
},
{
"date": "2018-11-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009806"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2018-16591"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-447"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-447"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "FURUNO FELCOM 250 and 500 Device access control vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009806"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-447"
}
],
"trust": 0.6
}
}
VAR-201809-0467
Vulnerability from variot - Updated: 2023-12-18 12:50FURUNO FELCOM 250 and 500 devices use only client-side JavaScript in login.js for authentication. FURUNO FELCOM 250 and 500 The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FURUNO FELCOM 250 and 500 are shipborne communication equipment of Japan Furuno Electric Company. An authorization issue vulnerability exists in the FURUNO FELCOM 250 and 500 devices. An attacker could exploit this vulnerability to bypass authentication checks and gain access to accounts without a password
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0467",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "felcom 500",
"scope": "eq",
"trust": 1.6,
"vendor": "furuno",
"version": null
},
{
"model": "felcom 250",
"scope": "eq",
"trust": 1.6,
"vendor": "furuno",
"version": null
},
{
"model": "felcom 250",
"scope": null,
"trust": 0.8,
"vendor": "furuno electric",
"version": null
},
{
"model": "felcom 500",
"scope": null,
"trust": 0.8,
"vendor": "furuno electric",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010324"
},
{
"db": "NVD",
"id": "CVE-2018-16590"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-288"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:furuno:felcom_250_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:furuno:felcom_250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:furuno:felcom_500_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:furuno:felcom_500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-16590"
}
]
},
"cve": "CVE-2018-16590",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-16590",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-126965",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-16590",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-16590",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-288",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-126965",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-16590",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126965"
},
{
"db": "VULMON",
"id": "CVE-2018-16590"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010324"
},
{
"db": "NVD",
"id": "CVE-2018-16590"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-288"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "FURUNO FELCOM 250 and 500 devices use only client-side JavaScript in login.js for authentication. FURUNO FELCOM 250 and 500 The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FURUNO FELCOM 250 and 500 are shipborne communication equipment of Japan Furuno Electric Company. An authorization issue vulnerability exists in the FURUNO FELCOM 250 and 500 devices. An attacker could exploit this vulnerability to bypass authentication checks and gain access to accounts without a password",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-16590"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010324"
},
{
"db": "VULHUB",
"id": "VHN-126965"
},
{
"db": "VULMON",
"id": "CVE-2018-16590"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-16590",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010324",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201809-288",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-126965",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-16590",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126965"
},
{
"db": "VULMON",
"id": "CVE-2018-16590"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010324"
},
{
"db": "NVD",
"id": "CVE-2018-16590"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-288"
}
]
},
"id": "VAR-201809-0467",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-126965"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:50:34.941000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "FELCOM250/FELCOM500",
"trust": 0.8,
"url": "https://www.furuno.com/jp/merchant/fleetbroadband/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010324"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126965"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010324"
},
{
"db": "NVD",
"id": "CVE-2018-16590"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://gist.github.com/cyberskr/34a8d6be7646a4bfd4df455f9f52500f"
},
{
"trust": 1.2,
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16590"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16590"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126965"
},
{
"db": "VULMON",
"id": "CVE-2018-16590"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010324"
},
{
"db": "NVD",
"id": "CVE-2018-16590"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-288"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-126965"
},
{
"db": "VULMON",
"id": "CVE-2018-16590"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010324"
},
{
"db": "NVD",
"id": "CVE-2018-16590"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-288"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-06T00:00:00",
"db": "VULHUB",
"id": "VHN-126965"
},
{
"date": "2018-09-06T00:00:00",
"db": "VULMON",
"id": "CVE-2018-16590"
},
{
"date": "2018-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010324"
},
{
"date": "2018-09-06T23:29:01.583000",
"db": "NVD",
"id": "CVE-2018-16590"
},
{
"date": "2018-09-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-288"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-14T00:00:00",
"db": "VULHUB",
"id": "VHN-126965"
},
{
"date": "2018-11-14T00:00:00",
"db": "VULMON",
"id": "CVE-2018-16590"
},
{
"date": "2018-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010324"
},
{
"date": "2018-11-14T18:27:16.727000",
"db": "NVD",
"id": "CVE-2018-16590"
},
{
"date": "2019-01-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-288"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-288"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "FURUNO FELCOM 250 and 500 Authentication vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010324"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-288"
}
],
"trust": 0.6
}
}
VAR-201601-0722
Vulnerability from variot - Updated: 2022-05-17 02:09Provided by Furuno Electric Co., Ltd. Voyage Data Recorder (VDR) VR-3000/VR-3000S and VR-7000 Firmware update function moduleserv Does not properly validate user input, root A vulnerability exists that allows arbitrary commands to be executed with privileges. The product page of Furuno Electric Co., Ltd. VDR Is "Records all crucial data to identify the cause of maritime casualty as well as contribute to the future prevention of the catastrophe of any kind. ( All important data is recorded not only to identify the cause of maritime disasters but also to prevent any future disasters. )" It has been described as. Voyage Data Recorder (VDR) VR-3000/VR-3000S and VR-7000 Firmware update function moduleserv Is 10110/TCP Waiting for communication. moduleserv Does not properly validate user input, so attackers root Any command can be executed with authority. For more information IOActive Blog, Maritime Security: Hacking into a Voyage Data Recorder (VDR) Please confirm. Maritime Security: Hacking into a Voyage Data Recorder (VDR) http://blog.ioactive.com/2015/12/maritime-security-hacking-into-voyage.htmlBy an attacker with network access to the device, root An arbitrary command may be executed with authority. The vulnerability stems from the program's insufficient filtering of user-submitted input. Successful exploits will result in complete compromise of the affected system
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0722",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "furuno",
"version": null
},
{
"model": "vr-3000/vr-3000s",
"scope": "lte",
"trust": 0.8,
"vendor": "furuno electric",
"version": "v1.50 from v1.54"
},
{
"model": "vr-3000/vr-3000s",
"scope": "lte",
"trust": 0.8,
"vendor": "furuno electric",
"version": "v1.61 v1.6 system"
},
{
"model": "vr-3000/vr-3000s",
"scope": "lte",
"trust": 0.8,
"vendor": "furuno electric",
"version": "v2.06 from v2.54"
},
{
"model": "vr-3000/vr-3000s",
"scope": "lte",
"trust": 0.8,
"vendor": "furuno electric",
"version": "v2.60 from v2.61"
},
{
"model": "vr-7000",
"scope": "lte",
"trust": 0.8,
"vendor": "furuno electric",
"version": "v1.02"
},
{
"model": "electric voyage data recorder vr-3000/vr-3000s/vr-7000",
"scope": null,
"trust": 0.6,
"vendor": "furuno",
"version": null
},
{
"model": "voyage data recorder vr-7000",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "1.02"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "2.61"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "2.60"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "2.54"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "2.06"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "1.61"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "1.54"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "1.50"
},
{
"model": "voyage data recorder vr-3000",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "2.61"
},
{
"model": "voyage data recorder vr-3000",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "2.60"
},
{
"model": "voyage data recorder vr-3000",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "2.54"
},
{
"model": "voyage data recorder vr-3000",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "2.06"
},
{
"model": "voyage data recorder vr-3000",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "1.61"
},
{
"model": "voyage data recorder vr-3000",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "1.54"
},
{
"model": "voyage data recorder vr-3000",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "1.50"
},
{
"model": "voyage data recorder vr-7000",
"scope": "ne",
"trust": 0.3,
"vendor": "furuno",
"version": "1.04"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "ne",
"trust": 0.3,
"vendor": "furuno",
"version": "2.62"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "ne",
"trust": 0.3,
"vendor": "furuno",
"version": "2.56"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "ne",
"trust": 0.3,
"vendor": "furuno",
"version": "1.62"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "ne",
"trust": 0.3,
"vendor": "furuno",
"version": "1.56"
},
{
"model": "voyage data recorder vr-3000",
"scope": "ne",
"trust": 0.3,
"vendor": "furuno",
"version": "2.62"
},
{
"model": "voyage data recorder vr-3000",
"scope": "ne",
"trust": 0.3,
"vendor": "furuno",
"version": "2.56"
},
{
"model": "voyage data recorder vr-3000",
"scope": "ne",
"trust": 0.3,
"vendor": "furuno",
"version": "1.62"
},
{
"model": "voyage data recorder vr-3000",
"scope": "ne",
"trust": 0.3,
"vendor": "furuno",
"version": "1.56"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#820196"
},
{
"db": "CNVD",
"id": "CNVD-2016-00346"
},
{
"db": "BID",
"id": "79817"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001002"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:misc:furuno_vr-3000%2Fvr-3000s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:furuno_vr-7000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001002"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ruben Santamarta of IOActive.",
"sources": [
{
"db": "BID",
"id": "79817"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-313"
}
],
"trust": 0.9
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2016-001002",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-00346",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "IPA",
"id": "JVNDB-2016-001002",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-00346",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00346"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001002"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Provided by Furuno Electric Co., Ltd. Voyage Data Recorder (VDR) VR-3000/VR-3000S and VR-7000 Firmware update function moduleserv Does not properly validate user input, root A vulnerability exists that allows arbitrary commands to be executed with privileges. The product page of Furuno Electric Co., Ltd. VDR Is \"Records all crucial data to identify the cause of maritime casualty as well as contribute to the future prevention of the catastrophe of any kind. ( All important data is recorded not only to identify the cause of maritime disasters but also to prevent any future disasters. )\" It has been described as. Voyage Data Recorder (VDR) VR-3000/VR-3000S and VR-7000 Firmware update function moduleserv Is 10110/TCP Waiting for communication. moduleserv Does not properly validate user input, so attackers root Any command can be executed with authority. For more information IOActive Blog, Maritime Security: Hacking into a Voyage Data Recorder (VDR) Please confirm. Maritime Security: Hacking into a Voyage Data Recorder (VDR) http://blog.ioactive.com/2015/12/maritime-security-hacking-into-voyage.htmlBy an attacker with network access to the device, root An arbitrary command may be executed with authority. The vulnerability stems from the program\u0027s insufficient filtering of user-submitted input. Successful exploits will result in complete compromise of the affected system",
"sources": [
{
"db": "CERT/CC",
"id": "VU#820196"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001002"
},
{
"db": "CNVD",
"id": "CNVD-2016-00346"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-313"
},
{
"db": "BID",
"id": "79817"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#820196",
"trust": 1.9
},
{
"db": "BID",
"id": "79817",
"trust": 1.5
},
{
"db": "JVN",
"id": "JVNVU98928449",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001002",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-00346",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201601-313",
"trust": 0.6
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#820196"
},
{
"db": "CNVD",
"id": "CNVD-2016-00346"
},
{
"db": "BID",
"id": "79817"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001002"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-313"
}
]
},
"id": "VAR-201601-0722",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00346"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00346"
}
]
},
"last_update_date": "2022-05-17T02:09:47.687000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "VDR",
"trust": 0.8,
"url": "http://www.furuno.com/jp/merchant/vdr/"
},
{
"title": "Patches for arbitrary command execution vulnerabilities for multiple FurunoElectricVoyageDataRecorder products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/70281"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00346"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001002"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://blog.ioactive.com/2015/12/maritime-security-hacking-into-voyage.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/79817"
},
{
"trust": 0.8,
"url": "http://www.furuno.com/en/merchant/vdr/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu98928449/index.html"
},
{
"trust": 0.8,
"url": "https://www.kb.cert.org/vuls/id/820196\\"
},
{
"trust": 0.3,
"url": "http://www.furuno.com/en/"
},
{
"trust": 0.3,
"url": "https://www.kb.cert.org/vuls/id/820196"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#820196"
},
{
"db": "CNVD",
"id": "CNVD-2016-00346"
},
{
"db": "BID",
"id": "79817"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001002"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-313"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#820196"
},
{
"db": "CNVD",
"id": "CNVD-2016-00346"
},
{
"db": "BID",
"id": "79817"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001002"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-313"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-04T00:00:00",
"db": "CERT/CC",
"id": "VU#820196"
},
{
"date": "2016-01-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00346"
},
{
"date": "2016-01-04T00:00:00",
"db": "BID",
"id": "79817"
},
{
"date": "2016-01-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001002"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-313"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-04T00:00:00",
"db": "CERT/CC",
"id": "VU#820196"
},
{
"date": "2016-01-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00346"
},
{
"date": "2016-01-04T00:00:00",
"db": "BID",
"id": "79817"
},
{
"date": "2016-01-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001002"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-313"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-313"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Furuno Voyage Data Recorder (VDR) moduleserv firmware update utility fails to properly sanitize user-provided input",
"sources": [
{
"db": "CERT/CC",
"id": "VU#820196"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-313"
}
],
"trust": 0.6
}
}