jvndb - jvndb-2022-002771

jvndb-2022-002771

Vulnerability from jvndb

Published

2022-12-07 17:30

Modified

2022-12-07 17:30

Severity ?

3.3 (Low) - cvssV3_0 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Summary

Information Exposure Vulnerability in JP1/Automatic Operation

Details

An information exposure vulnerability (CVE-2022-34881) exists in JP1/Automatic Operation.

References

▼	Type	URL
	CVE	https://www.cve.org/CVERecord?id=CVE-2022-34881
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-34881
	No Mapping(CWE-noinfo)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

▼	Vendor	Product
	Hitachi, Ltd	JP1/Automatic Operation

Show details on JVN DB website

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002771.html",
  "dc:date": "2022-12-07T17:30+09:00",
  "dcterms:issued": "2022-12-07T17:30+09:00",
  "dcterms:modified": "2022-12-07T17:30+09:00",
  "description": "An information exposure vulnerability (CVE-2022-34881) exists in JP1/Automatic Operation.",
  "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002771.html",
  "sec:cpe": {
    "#text": "cpe:/a:hitachi:jp1%2fautomatic_operation",
    "@product": "JP1/Automatic Operation",
    "@vendor": "Hitachi, Ltd",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "3.3",
    "@severity": "Low",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2022-002771",
  "sec:references": [
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-34881",
      "@id": "CVE-2022-34881",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-34881",
      "@id": "CVE-2022-34881",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-noinfo",
      "@title": "No Mapping(CWE-noinfo)"
    }
  ],
  "title": "Information Exposure Vulnerability in JP1/Automatic Operation"
}

cve-2022-34881

Vulnerability from cvelistv5

Published

2022-12-06 01:30

Modified

2024-08-03 09:22

Severity ?

3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Summary

Information Exposure Vulnerability in JP1/Automatic Operation

References

▼	URL	Tags
	https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2022-140/index.html	vendor-advisory

Impacted products

▼	Vendor	Product
	Hitachi	JP1/Automatic Operation
	Hitachi	JP1/Automatic Operation

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T09:22:10.810Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2022-140/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows"
          ],
          "product": "JP1/Automatic Operation",
          "vendor": "Hitachi",
          "versions": [
            {
              "lessThanOrEqual": "10-54-03",
              "status": "affected",
              "version": "10-00",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11-51-09",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11-51-09",
              "status": "affected",
              "version": "11-00",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "12-60-01",
                  "status": "unaffected"
                }
              ],
              "lessThan": "12-60-01",
              "status": "affected",
              "version": "12-00",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "JP1/Automatic Operation",
          "vendor": "Hitachi",
          "versions": [
            {
              "lessThanOrEqual": "10-54-03",
              "status": "affected",
              "version": "10-52",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11-51-09",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11-51-09",
              "status": "affected",
              "version": "11-00",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "12-60-01",
                  "status": "unaffected"
                }
              ],
              "lessThan": "12-60-01",
              "status": "affected",
              "version": "12-00",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Generation of Error Message Containing Sensitive Information vulnerability in Hitachi JP1/Automatic Operation allows local users to gain sensitive information.\u003cbr\u003e\u003cbr\u003eThis issue affects JP1/Automatic Operation: from 10-00 through 10-54-03, from 11-00 before 11-51-09, from 12-00 before 12-60-01."
            }
          ],
          "value": "Generation of Error Message Containing Sensitive Information vulnerability in Hitachi JP1/Automatic Operation allows local users to gain sensitive information.\n\nThis issue affects JP1/Automatic Operation: from 10-00 through 10-54-03, from 11-00 before 11-51-09, from 12-00 before 12-60-01."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-114",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-114 Authentication Abuse"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-209",
              "description": "CWE-209 Generation of Error Message Containing Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-17T04:28:30.546Z",
        "orgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
        "shortName": "Hitachi"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2022-140/index.html"
        }
      ],
      "source": {
        "advisory": "hitachi-sec-2022-140",
        "discovery": "UNKNOWN"
      },
      "title": "Information Exposure Vulnerability in JP1/Automatic Operation",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
    "assignerShortName": "Hitachi",
    "cveId": "CVE-2022-34881",
    "datePublished": "2022-12-06T01:30:55.844Z",
    "dateReserved": "2022-06-30T19:24:29.442Z",
    "dateUpdated": "2024-08-03T09:22:10.810Z",
    "requesterUserId": "520cc88b-a1c8-44f6-9154-21a4d74c769f",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.