10 matches found
EUVD-2021-8071
Malicious code in bioql PyPI...
CVE-2021-20653
Calsos CSDJ CSDJ-B 01.08.00 and earlier, CSDJ-H 01.08.00 and earlier, CSDJ-D 01.08.00 and earlier, and CSDJ-A 03.08.00 and earlier allows remote attackers to bypass access restriction and to obtain unauthorized historical data without access privileges via unspecified vectors...
CVE-2021-20653
Calsos CSDJ CSDJ-B 01.08.00 and earlier, CSDJ-H 01.08.00 and earlier, CSDJ-D 01.08.00 and earlier, and CSDJ-A 03.08.00 and earlier allows remote attackers to bypass access restriction and to obtain unauthorized historical data without access privileges via unspecified vectors...
CVE-2021-20653
CVE-2021-20653 affects NEC Calsos CSDJ (B 01.08.00 and earlier, H 01.08.00 and earlier, D 01.08.00 and earlier, A 03.08.00 and earlier). The issue is a permission check bypass (CWE-264) that may allow an authenticated user to view unauthorized historical data without proper access. Root cause is ...
CVE-2021-20653
Calsos CSDJ CSDJ-B 01.08.00 and earlier, CSDJ-H 01.08.00 and earlier, CSDJ-D 01.08.00 and earlier, and CSDJ-A 03.08.00 and earlier allows remote attackers to bypass access restriction and to obtain unauthorized historical data without access privileges via unspecified vectors...
Calsos CSDJ fails to restrict access permissions
Overview Calsos CSDJ provided by NEC Platforms, Ltd. fails to restrict access permissions CWE-264, which may lead to an unauthorized user being able to view the historical data without access privileges. Takayuki Sasaki and Katsunari Yoshioka of Yokohama National University reported this...
NEC Calsos CSDJ Authorization Issues Vulnerability
NEC Calsos CSDJ is a monitoring device from NEC Corporation of Japan. It provides IoT-enabled remote monitoring systems in various industries such as water and wastewater, manufacturing and agriculture. An authorization issue vulnerability exists in Calsos CSDJ that stems from a lack of...
JVN#87164507: Calsos CSDJ fails to restrict access permissions
Calsos CSDJ provided by NEC Platforms, Ltd. fails to restrict access permissions CWE-264, which may lead to an unauthorized user being able to view the historical data without access privileges. Impact A user who can login to the product may obtain unauthorized historical data without access...
NEC Platforms Calsos CSDX and CSDJ Series Products Cross-Site Scripting Vulnerability
NEC Platforms Calsos CSDX and CSDJ are both remote monitoring devices from NEC Platforms Japan. A cross-site scripting vulnerability exists in the NEC Platforms Calsos CSDX and CSDJ family of products, which can be exploited by remote attackers to inject arbitrary web script or HTML...
Multiple vulnerabilities in Calsos CSDX and CSDJ series products
Overview Calsos CSDX and CSDJ series products provided by NEC Platforms, Ltd. contain multiple vulnerabilities listed below. Access Restriction Bypass CWE-284 - CVE-2018-0613 Cross-site scripting CWE-79 - CVE-2018-0614 NEC Platforms, Ltd. reported this vulnerability to JPCERT/CC to notify users o...