var-201902-0199
Vulnerability from variot
Insufficient access restrictions for license manager services for multiple Yokogawa products (CWE-302) Vulnerabilities exist. This vulnerability information is provided by developers for the purpose of disseminating to product users. JPCERT/CC To report to JPCERT/CC By developers and the United States ICS-CERT And adjusted.License manager service operated by a remote third party PC , Any file may be created or overwritten in any location with the system authority to execute the service. Multiple Yokogawa Products are prone to an arbitrary file-upload vulnerability. An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application. The following Yokogawa products are vulnerable: CENTUM VP R5.01.00 through R6.06.00 CENTUM VP Entry Class R5.01.00 through R6.06.00 ProSafe-RS R3.01.00 through R4.04.00 PRM R4.01.00 through R4.02.00 B/M9000 VP R7.01.01 through R8.02.03. are all products of Japan's Yokogawa Electric (Yokogawa). ProSafe-RS is a safety instrumented system. License Manager Service is a license management service used in it. A security vulnerability exists in several Yokogawa products due to the program not properly restricting the upload of malicious files
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201902-0199", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "centum vp", scope: "gte", trust: 1, vendor: "yokogawa", version: "r5.01.00", }, { model: "prm", scope: "lte", trust: 1, vendor: "yokogawa", version: "r4.02.00", }, { model: "prosafe-rs", scope: "lte", trust: 1, vendor: "yokogawa", version: "r4.04.00", }, { model: "prosafe-rs", scope: "gte", trust: 1, vendor: "yokogawa", version: "r3.01.00", }, { model: "centum vp", scope: "lte", trust: 1, vendor: "yokogawa", version: "r6.06.00", }, { model: "b\\/m 9000 vp", scope: "lte", trust: 1, vendor: "yokogawa", version: "r8.02.03", }, { model: "b\\/m 9000 vp", scope: "gte", trust: 1, vendor: "yokogawa", version: "r7.01.01", }, { model: "prm", scope: "gte", trust: 1, vendor: "yokogawa", version: "r4.01.00", }, { model: "b/m9000 vp", scope: "lte", trust: 0.8, vendor: "yokogawa electric", version: "(r7.01.01 from r8.02.03 )", }, { model: "centum vp", scope: "lte", trust: 0.8, vendor: "yokogawa electric", version: "(r5.01.00 from r6.06.00 )", }, { model: "centum vp basic", scope: "lte", trust: 0.8, vendor: "yokogawa electric", version: "(r5.01.00 from r6.06.00 )", }, { model: "centum vp small", scope: "lte", trust: 0.8, vendor: "yokogawa electric", version: "(r5.01.00 from r6.06.00 )", }, { model: "prm", scope: "lte", trust: 0.8, vendor: "yokogawa electric", version: "(r4.01.00 from r4.02.00 )", }, { model: "prosafe-rs", scope: "lte", trust: 0.8, vendor: "yokogawa electric", version: "(r3.01.00 from r4.04.00 )", }, { model: "prosafe-rs r4.04.00", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "prosafe-rs r4.03.00", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "prosafe-rs r4.02.00", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "prosafe-rs r3.02.10", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "prosafe-rs r3.01.00", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "prm r4.02.00", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "prm r4.01.00", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "centum vp entry class r6.06.00", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "centum vp entry class r6.04.00", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "centum vp entry class r6.03.10", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "centum vp entry class r5.04.00", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "centum vp entry class r5.03.51", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "centum vp entry class r5.03.20", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "centum vp entry class r5.03.00", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "centum vp entry class r5.01.00", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "centum vp r6.06.00", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "centum vp r6.04.00", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "centum vp r6.03.10", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "centum vp r5.04.20", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "centum vp r5.04.00", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "centum vp r5.01.00", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "b/m9000 vp r8.02.03", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "b/m9000 vp r8.01.90", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "b/m9000 vp r8.01.01", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "b/m9000 vp r7.03.04", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "b/m9000 vp r7.03.01", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "b/m9000 vp r7.01.01", scope: null, trust: 0.3, vendor: "yokogawa", version: null, }, { model: "prosafe-rs r4.04.01", scope: "ne", trust: 0.3, vendor: "yokogawa", version: null, }, { model: "prosafe-rs r3.02.38", scope: "ne", trust: 0.3, vendor: "yokogawa", version: null, }, { model: "prm r4.02.01", scope: "ne", trust: 0.3, vendor: "yokogawa", version: null, }, { model: "centum vp entry class r6.06.03", scope: "ne", trust: 0.3, vendor: "yokogawa", version: null, }, { model: "centum vp entry class r5.04.c5", scope: "ne", trust: 0.3, vendor: "yokogawa", version: null, }, { model: "centum vp r6.06.03", scope: "ne", trust: 0.3, vendor: "yokogawa", version: null, }, { model: "centum vp r5.04.c5", scope: "ne", trust: 0.3, vendor: "yokogawa", version: null, }, ], sources: [ { db: "BID", id: "106772", }, { db: "JVNDB", id: "JVNDB-2019-001193", }, { db: "NVD", id: "CVE-2019-5909", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "r6.06.00", versionStartIncluding: "r5.01.00", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:yokogawa:prosafe-rs:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "r4.04.00", versionStartIncluding: "r3.01.00", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:small:*:*:*", cpe_name: [], versionEndIncluding: "r6.06.00", versionStartIncluding: "r5.01.00", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:basic:*:*:*", cpe_name: [], versionEndIncluding: "r6.06.00", versionStartIncluding: "r5.01.00", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:yokogawa:b\\/m_9000_vp:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "r8.02.03", versionStartIncluding: "r7.01.01", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:yokogawa:prm:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "r4.02.00", versionStartIncluding: "r4.01.00", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-5909", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Kaspersky Lab,Segey Temnikov", sources: [ { db: "CNNVD", id: "CNNVD-201901-972", }, ], trust: 0.6, }, cve: "CVE-2019-5909", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "High", accessVector: "Network", authentication: "None", author: "JPCERT/CC", availabilityImpact: "Complete", baseScore: 7.6, confidentialityImpact: "Complete", exploitabilityScore: null, id: "JVNDB-2019-001193", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:H/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "VHN-157344", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULMON", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CVE-2019-5909", impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "HIGH", trust: 0.1, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "High", attackVector: "Network", author: "JPCERT/CC", availabilityImpact: "High", baseScore: 8.1, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2019-001193", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-5909", trust: 1, value: "CRITICAL", }, { author: "JPCERT/CC", id: "JVNDB-2019-001193", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-201901-972", trust: 0.6, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-157344", trust: 0.1, value: "HIGH", }, { author: "VULMON", id: "CVE-2019-5909", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-157344", }, { db: "VULMON", id: "CVE-2019-5909", }, { db: "JVNDB", id: "JVNDB-2019-001193", }, { db: "NVD", id: "CVE-2019-5909", }, { db: "CNNVD", id: "CNNVD-201901-972", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Insufficient access restrictions for license manager services for multiple Yokogawa products (CWE-302) Vulnerabilities exist. This vulnerability information is provided by developers for the purpose of disseminating to product users. JPCERT/CC To report to JPCERT/CC By developers and the United States ICS-CERT And adjusted.License manager service operated by a remote third party PC , Any file may be created or overwritten in any location with the system authority to execute the service. Multiple Yokogawa Products are prone to an arbitrary file-upload vulnerability. \nAn attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application. \nThe following Yokogawa products are vulnerable:\nCENTUM VP R5.01.00 through R6.06.00\nCENTUM VP Entry Class R5.01.00 through R6.06.00\nProSafe-RS R3.01.00 through R4.04.00\nPRM R4.01.00 through R4.02.00\nB/M9000 VP R7.01.01 through R8.02.03. are all products of Japan's Yokogawa Electric (Yokogawa). ProSafe-RS is a safety instrumented system. License Manager Service is a license management service used in it. A security vulnerability exists in several Yokogawa products due to the program not properly restricting the upload of malicious files", sources: [ { db: "JVNDB", id: "JVNDB-2019-001193", }, { db: "BID", id: "106772", }, { db: "VULHUB", id: "VHN-157344", }, ], trust: 1.08, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-5909", trust: 2.9, }, { db: "JVN", id: "JVNVU99147082", trust: 2.6, }, { db: "BID", id: "106772", trust: 2.1, }, { db: "ICS CERT", id: "ICSA-19-029-01", trust: 1.2, }, { db: "JVNDB", id: "JVNDB-2019-001193", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201901-972", trust: 0.7, }, { db: "SEEBUG", id: "SSVID-98807", trust: 0.1, }, { db: "VULHUB", id: "VHN-157344", trust: 0.1, }, { db: "VULMON", id: "CVE-2019-5909", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-157344", }, { db: "VULMON", id: "CVE-2019-5909", }, { db: "BID", id: "106772", }, { db: "JVNDB", id: "JVNDB-2019-001193", }, { db: "NVD", id: "CVE-2019-5909", }, { db: "CNNVD", id: "CNNVD-201901-972", }, ], }, id: "VAR-201902-0199", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-157344", }, ], trust: 0.3410628, }, last_update_date: "2023-12-18T13:52:25.139000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "YSAR-19-0001: 横河製品のライセンスマネージャーサービスにアクセス制御の脆弱性", trust: 0.8, url: "https://web-material3.yokogawa.com/19/20653/files/ysar-19-0001-j.pdf", }, { title: "Multiple Yokogawa Product security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=89041", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-001193", }, { db: "CNNVD", id: "CNNVD-201901-972", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-287", trust: 1.1, }, { problemtype: "CWE-302", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-157344", }, { db: "JVNDB", id: "JVNDB-2019-001193", }, { db: "NVD", id: "CVE-2019-5909", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.5, url: "http://www.securityfocus.com/bid/106772", }, { trust: 2.1, url: "https://web-material3.yokogawa.com/1/20653/files/ysar-19-0001-e.pdf", }, { trust: 1.8, url: "http://jvn.jp/vu/jvnvu99147082/index.html", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-5909", }, { trust: 1.2, url: "https://ics-cert.us-cert.gov/advisories/icsa-19-029-01", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5909", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu99147082/", }, { trust: 0.3, url: "http://www.yokogawa.com/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/287.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULHUB", id: "VHN-157344", }, { db: "VULMON", id: "CVE-2019-5909", }, { db: "BID", id: "106772", }, { db: "JVNDB", id: "JVNDB-2019-001193", }, { db: "NVD", id: "CVE-2019-5909", }, { db: "CNNVD", id: "CNNVD-201901-972", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-157344", }, { db: "VULMON", id: "CVE-2019-5909", }, { db: "BID", id: "106772", }, { db: "JVNDB", id: "JVNDB-2019-001193", }, { db: "NVD", id: "CVE-2019-5909", }, { db: "CNNVD", id: "CNNVD-201901-972", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-02-13T00:00:00", db: "VULHUB", id: "VHN-157344", }, { date: "2019-02-13T00:00:00", db: "VULMON", id: "CVE-2019-5909", }, { date: "2019-01-29T00:00:00", db: "BID", id: "106772", }, { date: "2019-01-28T00:00:00", db: "JVNDB", id: "JVNDB-2019-001193", }, { date: "2019-02-13T18:29:00.747000", db: "NVD", id: "CVE-2019-5909", }, { date: "2019-01-30T00:00:00", db: "CNNVD", id: "CNNVD-201901-972", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-24T00:00:00", db: "VULHUB", id: "VHN-157344", }, { date: "2020-08-24T00:00:00", db: "VULMON", id: "CVE-2019-5909", }, { date: "2019-01-29T00:00:00", db: "BID", id: "106772", }, { date: "2019-01-28T00:00:00", db: "JVNDB", id: "JVNDB-2019-001193", }, { date: "2020-08-24T17:37:01.140000", db: "NVD", id: "CVE-2019-5909", }, { date: "2020-08-25T00:00:00", db: "CNNVD", id: "CNNVD-201901-972", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201901-972", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Vulnerabilities with insufficient access restrictions for license manager services of multiple Yokogawa products", sources: [ { db: "JVNDB", id: "JVNDB-2019-001193", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "authorization issue", sources: [ { db: "CNNVD", id: "CNNVD-201901-972", }, ], trust: 0.6, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.