Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
3 vulnerabilities by plathome
VAR-202003-1412
Vulnerability from variot - Updated: 2023-12-18 12:42OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors. Provided by Plat'Home Co., Ltd. OpenBlocks IoT VX2 Is vulnerable to several vulnerabilities: ・ OS Command injection (CWE-78) - CVE-2020-5535 ・ Insufficient authentication (CWE-287) - CVE-2020-5536 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Ierae Security Co., Ltd. Murashima Masahiro Mr. Kataoka Genta MrThe expected impact depends on each vulnerability, but it may be affected as follows. ・ Depending on the user who can connect to the product root Arbitrary with authority OS The command may be executed - CVE-2020-5535 -Users who can connect to the product may bypass authentication and initialize the device. - CVE-2020-5536. OpenBlocks IoT VX2 is an intelligent edge IoT gateway with the high functionality and reliability required for the actual operation of IoT systems. Plat’Home OpenBlocks IoT VX2 is an IoT gateway device from Japan ’s Plat’Home. Plat’Home OpenBlocks IoT VX2 versions prior to 4.0.0 have an operating system command injection vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1412",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openblocks iot vx2",
"scope": "lt",
"trust": 1.0,
"vendor": "plathome",
"version": "4.0.0"
},
{
"model": "openblocks iot vx2",
"scope": "gte",
"trust": 1.0,
"vendor": "plathome",
"version": "3.3.0"
},
{
"model": "openblocks iot vx2",
"scope": "eq",
"trust": 0.8,
"vendor": "plat home",
"version": "ver.4.0.0 (ver.3\u7cfb)"
},
{
"model": "openblocks iot",
"scope": "eq",
"trust": 0.6,
"vendor": "plat home",
"version": "vx2\u003c4.0.0"
},
{
"model": "openblocks iot vx2",
"scope": "eq",
"trust": 0.6,
"vendor": "plathome",
"version": "3.4.0"
},
{
"model": "openblocks iot vx2",
"scope": "eq",
"trust": 0.6,
"vendor": "plathome",
"version": "3.3.1"
},
{
"model": "openblocks iot vx2",
"scope": "eq",
"trust": 0.6,
"vendor": "plathome",
"version": null
},
{
"model": "openblocks iot vx2",
"scope": "eq",
"trust": 0.6,
"vendor": "plathome",
"version": "3.3.0"
},
{
"model": "openblocks iot vx2",
"scope": "eq",
"trust": 0.6,
"vendor": "plathome",
"version": "3.3.2"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-15518"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"db": "NVD",
"id": "CVE-2020-5535"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-154"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:plathome:openblocks_iot_vx2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.0.0",
"versionStartIncluding": "3.3.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:plathome:openblocks_iot_vx2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-5535"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Masahiro Murashima and Genta Kataoka of IERAE SECURITY INC",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-154"
}
],
"trust": 0.6
},
"cve": "CVE-2020-5535",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-000020",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Partial",
"baseScore": 4.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-000020",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-15518",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "IPA",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-000020",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "IPA",
"availabilityImpact": "Low",
"baseScore": 5.4,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-000020",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-5535",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2020-000020",
"trust": 0.8,
"value": "High"
},
{
"author": "IPA",
"id": "JVNDB-2020-000020",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-15518",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202003-154",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-15518"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"db": "NVD",
"id": "CVE-2020-5535"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-154"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors. Provided by Plat\u0027Home Co., Ltd. OpenBlocks IoT VX2 Is vulnerable to several vulnerabilities: \u30fb OS Command injection (CWE-78) - CVE-2020-5535 \u30fb Insufficient authentication (CWE-287) - CVE-2020-5536 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Ierae Security Co., Ltd. Murashima Masahiro Mr. Kataoka Genta MrThe expected impact depends on each vulnerability, but it may be affected as follows. \u30fb Depending on the user who can connect to the product root Arbitrary with authority OS The command may be executed - CVE-2020-5535 -Users who can connect to the product may bypass authentication and initialize the device. - CVE-2020-5536. OpenBlocks IoT VX2 is an intelligent edge IoT gateway with the high functionality and reliability required for the actual operation of IoT systems. Plat\u2019Home OpenBlocks IoT VX2 is an IoT gateway device from Japan \u2019s Plat\u2019Home. \nPlat\u2019Home OpenBlocks IoT VX2 versions prior to 4.0.0 have an operating system command injection vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-5535"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"db": "CNVD",
"id": "CNVD-2020-15518"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-154"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "JVN",
"id": "JVN19666251",
"trust": 3.0
},
{
"db": "NVD",
"id": "CVE-2020-5535",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000020",
"trust": 1.4
},
{
"db": "CNVD",
"id": "CNVD-2020-15518",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202003-154",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-15518"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"db": "NVD",
"id": "CVE-2020-5535"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-154"
}
]
},
"id": "VAR-202003-1412",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-15518"
}
],
"trust": 1.39166665
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-15518"
}
]
},
"last_update_date": "2023-12-18T12:42:59.986000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "OpenBlocks IoT VX2\u3000\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30ea\u30ea\u30fc\u30b9\u60c5\u5831\uff5cFW4.0.0",
"trust": 0.8,
"url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
},
{
"title": "Patch for OpenBlocks IoT VX2 arbitrary OS command execution vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/206915"
},
{
"title": "Plat\u2019Home OpenBlocks IoT VX2 Fixes for operating system command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=111602"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-15518"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-154"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.8
},
{
"problemtype": "CWE-287",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"db": "NVD",
"id": "CVE-2020-5535"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://jvn.jp/en/jp/jvn19666251/index.html"
},
{
"trust": 1.6,
"url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5535"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5536"
},
{
"trust": 0.8,
"url": "https://jvn.jp/jp/jvn19666251/index.html"
},
{
"trust": 0.6,
"url": "https://jvndb.jvn.jp/en/contents/2020/jvndb-2020-000020.html"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-15518"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"db": "NVD",
"id": "CVE-2020-5535"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-154"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-15518"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"db": "NVD",
"id": "CVE-2020-5535"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-154"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-15518"
},
{
"date": "2020-03-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"date": "2020-03-04T02:15:13.253000",
"db": "NVD",
"id": "CVE-2020-5535"
},
{
"date": "2020-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-154"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-15518"
},
{
"date": "2020-03-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"date": "2020-03-07T02:31:47.530000",
"db": "NVD",
"id": "CVE-2020-5535"
},
{
"date": "2020-03-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-154"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-154"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenBlocks IoT VX2 Multiple vulnerabilities in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-000020"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-154"
}
],
"trust": 0.6
}
}
VAR-202003-1413
Vulnerability from variot - Updated: 2023-12-18 12:42OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors. Provided by Plat'Home Co., Ltd. OpenBlocks IoT VX2 Is vulnerable to several vulnerabilities: ・ OS Command injection (CWE-78) - CVE-2020-5535 ・ Insufficient authentication (CWE-287) - CVE-2020-5536 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Ierae Security Co., Ltd. Murashima Masahiro Mr. Kataoka Genta MrThe expected impact depends on each vulnerability, but it may be affected as follows. ・ Depending on the user who can connect to the product root Arbitrary with authority OS The command may be executed - CVE-2020-5535 -Users who can connect to the product may bypass authentication and initialize the device. - CVE-2020-5536. OpenBlocks IoT VX2 is an intelligent edge IoT gateway with the high functionality and reliability required for the actual operation of IoT systems. Plat’Home OpenBlocks IoT VX2 is an IoT gateway device from Japan ’s Plat’Home. An authorization issue vulnerability exists in OpenBlocks IoT VX2 versions prior to 4.0.0, which originated from incorrect authentication
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1413",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openblocks iot vx2",
"scope": "lt",
"trust": 1.0,
"vendor": "plathome",
"version": "4.0.0"
},
{
"model": "openblocks iot vx2",
"scope": "gte",
"trust": 1.0,
"vendor": "plathome",
"version": "3.3.0"
},
{
"model": "openblocks iot vx2",
"scope": "eq",
"trust": 0.8,
"vendor": "plat home",
"version": "ver.4.0.0 (ver.3\u7cfb)"
},
{
"model": "openblocks iot",
"scope": "eq",
"trust": 0.6,
"vendor": "plat home",
"version": "vx2\u003c4.0.0"
},
{
"model": "openblocks iot vx2",
"scope": "eq",
"trust": 0.6,
"vendor": "plathome",
"version": "3.4.0"
},
{
"model": "openblocks iot vx2",
"scope": "eq",
"trust": 0.6,
"vendor": "plathome",
"version": "3.3.1"
},
{
"model": "openblocks iot vx2",
"scope": "eq",
"trust": 0.6,
"vendor": "plathome",
"version": null
},
{
"model": "openblocks iot vx2",
"scope": "eq",
"trust": 0.6,
"vendor": "plathome",
"version": "3.3.0"
},
{
"model": "openblocks iot vx2",
"scope": "eq",
"trust": 0.6,
"vendor": "plathome",
"version": "3.3.2"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-15519"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"db": "NVD",
"id": "CVE-2020-5536"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-152"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:plathome:openblocks_iot_vx2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.0.0",
"versionStartIncluding": "3.3.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:plathome:openblocks_iot_vx2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-5536"
}
]
},
"cve": "CVE-2020-5536",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-000020",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Partial",
"baseScore": 4.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-000020",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CNVD-2020-15519",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "IPA",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-000020",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "IPA",
"availabilityImpact": "Low",
"baseScore": 5.4,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-000020",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-5536",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2020-000020",
"trust": 0.8,
"value": "High"
},
{
"author": "IPA",
"id": "JVNDB-2020-000020",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-15519",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202003-152",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-15519"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"db": "NVD",
"id": "CVE-2020-5536"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-152"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors. Provided by Plat\u0027Home Co., Ltd. OpenBlocks IoT VX2 Is vulnerable to several vulnerabilities: \u30fb OS Command injection (CWE-78) - CVE-2020-5535 \u30fb Insufficient authentication (CWE-287) - CVE-2020-5536 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Ierae Security Co., Ltd. Murashima Masahiro Mr. Kataoka Genta MrThe expected impact depends on each vulnerability, but it may be affected as follows. \u30fb Depending on the user who can connect to the product root Arbitrary with authority OS The command may be executed - CVE-2020-5535 -Users who can connect to the product may bypass authentication and initialize the device. - CVE-2020-5536. OpenBlocks IoT VX2 is an intelligent edge IoT gateway with the high functionality and reliability required for the actual operation of IoT systems. Plat\u2019Home OpenBlocks IoT VX2 is an IoT gateway device from Japan \u2019s Plat\u2019Home. \nAn authorization issue vulnerability exists in OpenBlocks IoT VX2 versions prior to 4.0.0, which originated from incorrect authentication",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-5536"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"db": "CNVD",
"id": "CNVD-2020-15519"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-152"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-5536",
"trust": 3.0
},
{
"db": "JVN",
"id": "JVN19666251",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000020",
"trust": 1.4
},
{
"db": "CNVD",
"id": "CNVD-2020-15519",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202003-152",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-15519"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"db": "NVD",
"id": "CVE-2020-5536"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-152"
}
]
},
"id": "VAR-202003-1413",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-15519"
}
],
"trust": 1.39166665
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-15519"
}
]
},
"last_update_date": "2023-12-18T12:42:59.960000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "OpenBlocks IoT VX2\u3000\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30ea\u30ea\u30fc\u30b9\u60c5\u5831\uff5cFW4.0.0",
"trust": 0.8,
"url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
},
{
"title": "Patch for OpenBlocks IoT VX2 Certification Bypass Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/206909"
},
{
"title": "Plat\u2019Home OpenBlocks IoT VX2 Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=111601"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-15519"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-152"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
},
{
"problemtype": "CWE-78",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"db": "NVD",
"id": "CVE-2020-5536"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://jvn.jp/en/jp/jvn19666251/index.html"
},
{
"trust": 1.6,
"url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5535"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5536"
},
{
"trust": 0.8,
"url": "https://jvn.jp/jp/jvn19666251/index.html"
},
{
"trust": 0.6,
"url": "https://jvndb.jvn.jp/en/contents/2020/jvndb-2020-000020.html"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-15519"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"db": "NVD",
"id": "CVE-2020-5536"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-152"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-15519"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"db": "NVD",
"id": "CVE-2020-5536"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-152"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-15519"
},
{
"date": "2020-03-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"date": "2020-03-04T02:15:13.347000",
"db": "NVD",
"id": "CVE-2020-5536"
},
{
"date": "2020-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-152"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-15519"
},
{
"date": "2020-03-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-000020"
},
{
"date": "2020-03-05T15:44:58.103000",
"db": "NVD",
"id": "CVE-2020-5536"
},
{
"date": "2020-03-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-152"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-152"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenBlocks IoT VX2 Multiple vulnerabilities in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-000020"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-152"
}
],
"trust": 0.6
}
}
JVNDB-2020-000022
Vulnerability from jvndb - Published: 2020-04-08 16:12 - Updated:2020-04-08 16:12
Severity
Summary
Multiple vulnerabilities in EasyBlocks IPv6
Details
EasyBlocks IPv6 provided by Plat'Home Co., Ltd. contains multiple vulnerabilities listed below.
*Cross site request forgery(CWE-352) - CVE-2020-5549
*Session fixation (CWE-384) - CVE-2020-5550
Hideki SAKAMOTO of Tsukuba Secure Network Research reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | |
|---|---|---|
|
|
||
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2020/JVNDB-2020-000022.html",
"dc:date": "2020-04-08T16:12+09:00",
"dcterms:issued": "2020-04-08T16:12+09:00",
"dcterms:modified": "2020-04-08T16:12+09:00",
"description": "EasyBlocks IPv6 provided by Plat\u0027Home Co., Ltd. contains multiple vulnerabilities listed below.\r\n*Cross site request forgery(CWE-352) - CVE-2020-5549\r\n*Session fixation (CWE-384) - CVE-2020-5550\r\n\r\nHideki SAKAMOTO of Tsukuba Secure Network Research reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2020/JVNDB-2020-000022.html",
"sec:cpe": [
{
"#text": "cpe:/o:plathome:easyblocks_ipv6_enterprise_firmware",
"@product": "EasyBlocks IPv6 Enterprise",
"@vendor": "Plat\u0027Home Co., Ltd.",
"@version": "2.2"
},
{
"#text": "cpe:/o:plathome:easyblocks_ipv6_firmware",
"@product": "EasyBlocks IPv6",
"@vendor": "Plat\u0027Home Co., Ltd.",
"@version": "2.2"
}
],
"sec:cvss": [
{
"@score": "4.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"@version": "2.0"
},
{
"@score": "4.2",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2020-000022",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN89224521/index.html",
"@id": "JVN#89224521",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5549",
"@id": "CVE-2020-5549",
"@source": "CVE"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5550",
"@id": "CVE-2020-5550",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2020-5549",
"@id": "CVE-2020-5549",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2020-5550",
"@id": "CVE-2020-5550",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-352",
"@title": "Cross-Site Request Forgery(CWE-352)"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Multiple vulnerabilities in EasyBlocks IPv6"
}