Lucene search

JpcertCVE-2023-38433

HistoryJul 26, 2023 - 8:15 a.m.

CVE-2023-38433

2023-07-2608:15:10

CWE-798

jpcert

web.nvd.nist.gov

cve-2023-38433

fujitsu

real-time video transmission gear

ip series

hard-coded credentials

vulnerability

nvd

security

firmware

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.004

Percentile

74.4%

JSON

Fujitsu Real-time Video Transmission Gear “IP series” use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions V01L001 to V01L053, IP-HE950D firmware versions V01L001 to V01L053, IP-HE900E firmware versions V01L001 to V01L010, IP-HE900D firmware versions V01L001 to V01L004, IP-900E / IP-920E firmware versions V01L001 to V02L061, IP-900D / IP-900ⅡD / IP-920D firmware versions V01L001 to V02L061, IP-90 firmware versions V01L001 to V01L013, and IP-9610 firmware versions V01L001 to V02L007.

Affected configurations

Nvd

Node

fujitsuip-he950e_firmwareRangev01l001–v01l053

AND

fujitsuip-he950eMatch-

Node

fujitsuip-he950d_firmwareRangev01l001–v01l053

AND

fujitsuip-he950dMatch-

Node

fujitsuip-he900e_firmwareRangev01l001–v01l010

AND

fujitsuip-he900eMatch-

Node

fujitsuip-he900d_firmwareRangev01l001–v01l004

AND

fujitsuip-he900dMatch-

Node

fujitsuip-900e_firmwareRangev01l001–v02l061

AND

fujitsuip-900eMatch-

Node

fujitsuip-920e_firmwareRangev01l001–v02l061

AND

fujitsuip-920eMatch-

Node

fujitsuip-900d_firmwareRangev01l001–v02l061

AND

fujitsuip-900dMatch-

Node

fujitsuip-900iid_firmwareRangev01l001–v02l061

AND

fujitsuip-900iidMatch-

Node

fujitsuip-920d_firmwareRangev01l001–v02l061

AND

fujitsuip-920dMatch-

Node

fujitsuip-90_firmwareRangev01l001–v01l013

AND

fujitsuip-90Match-

Node

fujitsuip-9610_firmwareRangev01l001–v02l007

AND

fujitsuip-9610Match-

VendorProductVersionCPE
fujitsuip-he950e_firmware*cpe:2.3:o:fujitsu:ip-he950e_firmware:*:*:*:*:*:*:*:*
fujitsuip-he950e-cpe:2.3:h:fujitsu:ip-he950e:-:*:*:*:*:*:*:*
fujitsuip-he950d_firmware*cpe:2.3:o:fujitsu:ip-he950d_firmware:*:*:*:*:*:*:*:*
fujitsuip-he950d-cpe:2.3:h:fujitsu:ip-he950d:-:*:*:*:*:*:*:*
fujitsuip-he900e_firmware*cpe:2.3:o:fujitsu:ip-he900e_firmware:*:*:*:*:*:*:*:*
fujitsuip-he900e-cpe:2.3:h:fujitsu:ip-he900e:-:*:*:*:*:*:*:*
fujitsuip-he900d_firmware*cpe:2.3:o:fujitsu:ip-he900d_firmware:*:*:*:*:*:*:*:*
fujitsuip-he900d-cpe:2.3:h:fujitsu:ip-he900d:-:*:*:*:*:*:*:*
fujitsuip-900e_firmware*cpe:2.3:o:fujitsu:ip-900e_firmware:*:*:*:*:*:*:*:*
fujitsuip-900e-cpe:2.3:h:fujitsu:ip-900e:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
fujitsu	ip-he950e_firmware	*	cpe:2.3:o:fujitsu:ip-he950e_firmware::::::::
fujitsu	ip-he950e	-	cpe:2.3:h:fujitsu:ip-he950e:-:::::::*
fujitsu	ip-he950d_firmware	*	cpe:2.3:o:fujitsu:ip-he950d_firmware::::::::
fujitsu	ip-he950d	-	cpe:2.3:h:fujitsu:ip-he950d:-:::::::*
fujitsu	ip-he900e_firmware	*	cpe:2.3:o:fujitsu:ip-he900e_firmware::::::::
fujitsu	ip-he900e	-	cpe:2.3:h:fujitsu:ip-he900e:-:::::::*
fujitsu	ip-he900d_firmware	*	cpe:2.3:o:fujitsu:ip-he900d_firmware::::::::
fujitsu	ip-he900d	-	cpe:2.3:h:fujitsu:ip-he900d:-:::::::*
fujitsu	ip-900e_firmware	*	cpe:2.3:o:fujitsu:ip-900e_firmware::::::::
fujitsu	ip-900e	-	cpe:2.3:h:fujitsu:ip-900e:-:::::::*

Rows per page:

1-10 of 221

CNA Affected

[
  {
    "vendor": "Fujitsu Limited ",
    "product": "IP-HE950E",
    "versions": [
      {
        "version": "firmware versions V01L001 to V01L053",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fujitsu Limited ",
    "product": "IP-HE950D",
    "versions": [
      {
        "version": "firmware versions V01L001 to V01L053",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fujitsu Limited ",
    "product": "IP-HE900E",
    "versions": [
      {
        "version": "firmware versions V01L001 to V01L010",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fujitsu Limited ",
    "product": "IP-HE900D",
    "versions": [
      {
        "version": "firmware versions V01L001 to V01L004",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fujitsu Limited ",
    "product": "IP-900E / IP-920E",
    "versions": [
      {
        "version": "firmware versions V01L001 to V02L061",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fujitsu Limited ",
    "product": "IP-900D / IP-900ⅡD / IP-920D",
    "versions": [
      {
        "version": "firmware versions V01L001 to V02L061",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fujitsu Limited ",
    "product": "IP-90",
    "versions": [
      {
        "version": "firmware versions V01L001 to V01L013",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fujitsu Limited ",
    "product": "IP-9610",
    "versions": [
      {
        "version": "firmware versions V01L001 to V02L007",
        "status": "affected"
      }
    ]
  }
]