CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
19.8%
FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS) provided by Fujitsu Limited contains a path traversal vulnerability (CWE-22).
If a logged-in attacker with User Class privilege sends a specially crafted request to the affected product, access restricted files containing sensitive information may be accessed. As a result, Administrator Class privileges of the product may be hijacked.
Apply the Patch
Apply the patch according to the information provided by the developer.
Apply the Workaround
The following workaround may mitigate the impact of this vulnerability.