20 matches found
EUVD-2021-8071
Malicious code in bioql PyPI...
CVE-2021-20653
Calsos CSDJ CSDJ-B 01.08.00 and earlier, CSDJ-H 01.08.00 and earlier, CSDJ-D 01.08.00 and earlier, and CSDJ-A 03.08.00 and earlier allows remote attackers to bypass access restriction and to obtain unauthorized historical data without access privileges via unspecified vectors...
CVE-2021-20653
Calsos CSDJ CSDJ-B 01.08.00 and earlier, CSDJ-H 01.08.00 and earlier, CSDJ-D 01.08.00 and earlier, and CSDJ-A 03.08.00 and earlier allows remote attackers to bypass access restriction and to obtain unauthorized historical data without access privileges via unspecified vectors...
CVE-2021-20653
CVE-2021-20653 affects NEC Calsos CSDJ (B 01.08.00 and earlier, H 01.08.00 and earlier, D 01.08.00 and earlier, A 03.08.00 and earlier). The issue is a permission check bypass (CWE-264) that may allow an authenticated user to view unauthorized historical data without proper access. Root cause is ...
CVE-2021-20653
Calsos CSDJ CSDJ-B 01.08.00 and earlier, CSDJ-H 01.08.00 and earlier, CSDJ-D 01.08.00 and earlier, and CSDJ-A 03.08.00 and earlier allows remote attackers to bypass access restriction and to obtain unauthorized historical data without access privileges via unspecified vectors...
Calsos CSDJ fails to restrict access permissions
Overview Calsos CSDJ provided by NEC Platforms, Ltd. fails to restrict access permissions CWE-264, which may lead to an unauthorized user being able to view the historical data without access privileges. Takayuki Sasaki and Katsunari Yoshioka of Yokohama National University reported this...
JVN#87164507: Calsos CSDJ fails to restrict access permissions
Calsos CSDJ provided by NEC Platforms, Ltd. fails to restrict access permissions CWE-264, which may lead to an unauthorized user being able to view the historical data without access privileges. Impact A user who can login to the product may obtain unauthorized historical data without access...
NEC Calsos CSDJ Authorization Issues Vulnerability
NEC Calsos CSDJ is a monitoring device from NEC Corporation of Japan. It provides IoT-enabled remote monitoring systems in various industries such as water and wastewater, manufacturing and agriculture. An authorization issue vulnerability exists in Calsos CSDJ that stems from a lack of...
NEC Platforms Calsos CSDX and CSDJ Series Products Cross-Site Scripting Vulnerability
NEC Platforms Calsos CSDX and CSDJ are both remote monitoring devices from NEC Platforms Japan. A cross-site scripting vulnerability exists in the NEC Platforms Calsos CSDX and CSDJ family of products, which can be exploited by remote attackers to inject arbitrary web script or HTML...
CVE-2018-0614
Cross-site scripting vulnerability in NEC Platforms Calsos CSDX and CSDJ series products CSDX 1.37210411 and earlier, CSDXP 4.37210411 and earlier, CSDXD 3.37210411 and earlier, CSDXS 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier,...
CVE-2018-0613
NEC Platforms Calsos CSDX and CSDJ series products CSDX 1.37210411 and earlier, CSDXP 4.37210411 and earlier, CSDXD 3.37210411 and earlier, CSDXS 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A 03.00.00 allows remote...
CVE-2018-0614
Cross-site scripting vulnerability in NEC Platforms Calsos CSDX and CSDJ series products CSDX 1.37210411 and earlier, CSDXP 4.37210411 and earlier, CSDXD 3.37210411 and earlier, CSDXS 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier,...
Cross site scripting
Cross-site scripting vulnerability in NEC Platforms Calsos CSDX and CSDJ series products CSDX 1.37210411 and earlier, CSDXP 4.37210411 and earlier, CSDXD 3.37210411 and earlier, CSDXS 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier,...
CVE-2018-0613
NEC Platforms Calsos CSDX and CSDJ series products CSDX 1.37210411 and earlier, CSDXP 4.37210411 and earlier, CSDXD 3.37210411 and earlier, CSDXS 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A 03.00.00 allows remote...
Authentication flaw
NEC Platforms Calsos CSDX and CSDJ series products CSDX 1.37210411 and earlier, CSDXP 4.37210411 and earlier, CSDXD 3.37210411 and earlier, CSDXS 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A 03.00.00 allows remote...
CVE-2018-0613
NEC Platforms Calsos CSDX and CSDJ series products CSDX 1.37210411 and earlier, CSDXP 4.37210411 and earlier, CSDXD 3.37210411 and earlier, CSDXS 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A 03.00.00 allows remote...
CVE-2018-0613
CVE-2018-0613 affects NEC Platforms Calsos CSDX and CSDJ series (listed versions) and is an Access Restriction Bypass that allows remote authenticated attackers to perform arbitrary operations with administrative privileges via unspecified vectors. The connected JVN/NVD entries confirm affected p...
CVE-2018-0614
Cross-site scripting vulnerability in NEC Platforms Calsos CSDX and CSDJ series products CSDX 1.37210411 and earlier, CSDXP 4.37210411 and earlier, CSDXD 3.37210411 and earlier, CSDXS 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier,...
CVE-2018-0614
CVE-2018-0614 affects NEC Platforms Calsos CSDX and CSDJ series (multiple builds: CSDX/CSDX(P)/CSDX(D)/CSDX(S)/CSDJ-B/H/D/A) and is a Cross-site scripting vulnerability (CWE-79). The Oracle/NVD entry confirms the issue allows remote attackers to inject arbitrary web script or HTML via unspecified...
Multiple vulnerabilities in Calsos CSDX and CSDJ series products
Overview Calsos CSDX and CSDJ series products provided by NEC Platforms, Ltd. contain multiple vulnerabilities listed below. Access Restriction Bypass CWE-284 - CVE-2018-0613 Cross-site scripting CWE-79 - CVE-2018-0614 NEC Platforms, Ltd. reported this vulnerability to JPCERT/CC to notify users o...