CVE-2024-27974 (GCVE-0-2024-27974)

Vulnerability from cvelistv5 – Published: 2024-03-18 07:59 – Updated: 2024-10-31 17:23
VLAI?
Summary
Cross-site request forgery vulnerability in FUJIFILM printers which implement CentreWare Internet Services or Internet Services allows a remote unauthenticated attacker to alter user information. In the case the user is an administrator, the settings such as the administrator's ID, password, etc. may be altered. As for the details of affected product names, model numbers, and versions, refer to the information provided by the vendor listed under [References].
Severity ?
6.3 (Medium)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CWE
  • Cross-site request forgery (CSRF)
Assigner
References
Impacted products
Vendor Product Version
FUJIFILM Business Inovation Corp. DocuPrint P450 d Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuPrint P450 JM Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuPrint P450 ps Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuPrint P455 d Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuPrint M455 df Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuPrint C2255 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuPrint C2450 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuPrint C2450 II Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuPrint C3200A Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuPrint C3350 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuPrint C3360 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuPrint C3450 d Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuPrint C3450 d II Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuPrint 4050 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuPrint 4060 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuPrint 5060 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuCentre-IV C2260 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuCentre-IV C2270 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuCentre-IV C3370 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuCentre-IV C4470 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuCentre-IV C5570 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. ApeosPort-IV C2270 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. ApeosPort-IV C3370 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. ApeosPort-IV C4470 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. ApeosPort-IV C5570 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. ApeosPort-IV C2270 R Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. ApeosPort-IV C3370 R Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. ApeosPort-IV C4470 R Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. ApeosPort-IV C5570 R Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. ApeosWide 6050/3030 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuWide 6057/3037 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuWide 6055 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuWide 3035 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuWide C842 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuWide 2055 Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuWide 9098α Affected: all versions
Create a notification for this product.
    FUJIFILM Business Inovation Corp. DocuWide 9095α Affected: all versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 6.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-27974",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-18T15:41:24.178975Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-352",
                "description": "CWE-352 Cross-Site Request Forgery (CSRF)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-31T17:23:55.536Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:41:55.916Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.fujifilm.com/fbglobal/eng/company/news/notice/2024/0306_1_announce.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jvn.jp/en/jp/JVN34328023/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DocuPrint P450 d",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuPrint P450 JM",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuPrint P450 ps",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuPrint P455 d",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuPrint M455 df",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuPrint C2255",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuPrint C2450",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuPrint C2450 II",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuPrint C3200A",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuPrint C3350",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuPrint C3360",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuPrint C3450 d",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuPrint C3450 d II",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuPrint 4050",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuPrint 4060",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuPrint 5060",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuCentre-IV C2260",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuCentre-IV C2270",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuCentre-IV C3370",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuCentre-IV C4470",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuCentre-IV C5570",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "ApeosPort-IV C2270",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "ApeosPort-IV C3370",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "ApeosPort-IV C4470",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "ApeosPort-IV C5570",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "ApeosPort-IV C2270 R",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "ApeosPort-IV C3370 R",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "ApeosPort-IV C4470 R",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "ApeosPort-IV C5570 R",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "ApeosWide 6050/3030",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuWide 6057/3037",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuWide 6055",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuWide 3035",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuWide C842",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuWide 2055",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuWide 9098\u03b1",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "product": "DocuWide 9095\u03b1",
          "vendor": "FUJIFILM Business Inovation Corp.",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site request forgery vulnerability in FUJIFILM printers which implement CentreWare Internet Services or Internet Services allows a remote unauthenticated attacker to alter user information. In the case the user is an administrator, the settings such as the administrator\u0027s ID, password, etc. may be altered. As for the details of affected product names, model numbers, and versions, refer to the information provided by the vendor listed under [References]."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Cross-site request forgery (CSRF)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-18T07:59:37.720Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "url": "https://www.fujifilm.com/fbglobal/eng/company/news/notice/2024/0306_1_announce.html"
        },
        {
          "url": "https://jvn.jp/en/jp/JVN34328023/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2024-27974",
    "datePublished": "2024-03-18T07:59:37.720Z",
    "dateReserved": "2024-02-28T23:42:20.075Z",
    "dateUpdated": "2024-10-31T17:23:55.536Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cross-site request forgery vulnerability in FUJIFILM printers which implement CentreWare Internet Services or Internet Services allows a remote unauthenticated attacker to alter user information. In the case the user is an administrator, the settings such as the administrator\u0027s ID, password, etc. may be altered. As for the details of affected product names, model numbers, and versions, refer to the information provided by the vendor listed under [References].\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de Cross-Site Request Forgery en impresoras FUJIFILM que implementan CentreWare Internet Services o Internet Services permite que un atacante remoto no autenticado altere la informaci\\u00f3n del usuario. En el caso de que el usuario sea administrador, se podr\\u00e1n alterar configuraciones como ID de administrador, contrase\\u00f1a, etc. En cuanto a los detalles de los nombres de los productos, n\\u00fameros de modelo y versiones afectados, consulte la informaci\\u00f3n proporcionada por el proveedor que figura en [Referencias].\"}]",
      "id": "CVE-2024-27974",
      "lastModified": "2024-11-21T09:05:32.470",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L\", \"baseScore\": 6.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.4}]}",
      "published": "2024-03-18T08:15:06.287",
      "references": "[{\"url\": \"https://jvn.jp/en/jp/JVN34328023/\", \"source\": \"vultures@jpcert.or.jp\"}, {\"url\": \"https://www.fujifilm.com/fbglobal/eng/company/news/notice/2024/0306_1_announce.html\", \"source\": \"vultures@jpcert.or.jp\"}, {\"url\": \"https://jvn.jp/en/jp/JVN34328023/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.fujifilm.com/fbglobal/eng/company/news/notice/2024/0306_1_announce.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "vultures@jpcert.or.jp",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-352\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-27974\",\"sourceIdentifier\":\"vultures@jpcert.or.jp\",\"published\":\"2024-03-18T08:15:06.287\",\"lastModified\":\"2024-11-21T09:05:32.470\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-site request forgery vulnerability in FUJIFILM printers which implement CentreWare Internet Services or Internet Services allows a remote unauthenticated attacker to alter user information. In the case the user is an administrator, the settings such as the administrator\u0027s ID, password, etc. may be altered. As for the details of affected product names, model numbers, and versions, refer to the information provided by the vendor listed under [References].\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de Cross-Site Request Forgery en impresoras FUJIFILM que implementan CentreWare Internet Services o Internet Services permite que un atacante remoto no autenticado altere la informaci\u00f3n del usuario. En el caso de que el usuario sea administrador, se podr\u00e1n alterar configuraciones como ID de administrador, contrase\u00f1a, etc. En cuanto a los detalles de los nombres de los productos, n\u00fameros de modelo y versiones afectados, consulte la informaci\u00f3n proporcionada por el proveedor que figura en [Referencias].\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":3.4}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]}],\"references\":[{\"url\":\"https://jvn.jp/en/jp/JVN34328023/\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"https://www.fujifilm.com/fbglobal/eng/company/news/notice/2024/0306_1_announce.html\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"https://jvn.jp/en/jp/JVN34328023/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.fujifilm.com/fbglobal/eng/company/news/notice/2024/0306_1_announce.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.fujifilm.com/fbglobal/eng/company/news/notice/2024/0306_1_announce.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://jvn.jp/en/jp/JVN34328023/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T00:41:55.916Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-27974\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-03-18T15:41:24.178975Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-352\", \"description\": \"CWE-352 Cross-Site Request Forgery (CSRF)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:18.383Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuPrint P450 d\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuPrint P450 JM\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuPrint P450 ps\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuPrint P455 d\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuPrint M455 df\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuPrint C2255\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuPrint C2450\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuPrint C2450 II\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuPrint C3200A\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuPrint C3350\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuPrint C3360\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuPrint C3450 d\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuPrint C3450 d II\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuPrint 4050\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuPrint 4060\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuPrint 5060\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuCentre-IV C2260\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuCentre-IV C2270\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuCentre-IV C3370\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuCentre-IV C4470\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuCentre-IV C5570\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"ApeosPort-IV C2270\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"ApeosPort-IV C3370\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"ApeosPort-IV C4470\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"ApeosPort-IV C5570\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"ApeosPort-IV C2270 R\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"ApeosPort-IV C3370 R\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"ApeosPort-IV C4470 R\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"ApeosPort-IV C5570 R\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"ApeosWide 6050/3030\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuWide 6057/3037\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuWide 6055\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuWide 3035\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuWide C842\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuWide 2055\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuWide 9098\\u03b1\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}, {\"vendor\": \"FUJIFILM Business Inovation Corp.\", \"product\": \"DocuWide 9095\\u03b1\", \"versions\": [{\"status\": \"affected\", \"version\": \"all versions\"}]}], \"references\": [{\"url\": \"https://www.fujifilm.com/fbglobal/eng/company/news/notice/2024/0306_1_announce.html\"}, {\"url\": \"https://jvn.jp/en/jp/JVN34328023/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Cross-site request forgery vulnerability in FUJIFILM printers which implement CentreWare Internet Services or Internet Services allows a remote unauthenticated attacker to alter user information. In the case the user is an administrator, the settings such as the administrator\u0027s ID, password, etc. may be altered. As for the details of affected product names, model numbers, and versions, refer to the information provided by the vendor listed under [References].\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Cross-site request forgery (CSRF)\"}]}], \"providerMetadata\": {\"orgId\": \"ede6fdc4-6654-4307-a26d-3331c018e2ce\", \"shortName\": \"jpcert\", \"dateUpdated\": \"2024-03-18T07:59:37.720Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-27974\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-31T17:23:55.536Z\", \"dateReserved\": \"2024-02-28T23:42:20.075Z\", \"assignerOrgId\": \"ede6fdc4-6654-4307-a26d-3331c018e2ce\", \"datePublished\": \"2024-03-18T07:59:37.720Z\", \"assignerShortName\": \"jpcert\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.