ID CVE-2018-17900
Summary Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The web application improperly protects credentials which could allow an attacker to obtain credentials for remote access to controllers.
References
Vulnerable Configurations
  • cpe:2.3:o:yokogawa:fcj_firmware:r4.10
    cpe:2.3:o:yokogawa:fcj_firmware:r4.10
  • cpe:2.3:h:yokogawa:fcj
    cpe:2.3:h:yokogawa:fcj
  • cpe:2.3:o:yokogawa:fcn-100_firmware:r4.10
    cpe:2.3:o:yokogawa:fcn-100_firmware:r4.10
  • cpe:2.3:h:yokogawa:fcn-100
    cpe:2.3:h:yokogawa:fcn-100
  • cpe:2.3:o:yokogawa:fcn-rtu_firmware:r4.10
    cpe:2.3:o:yokogawa:fcn-rtu_firmware:r4.10
  • cpe:2.3:h:yokogawa:fcn-rtu
    cpe:2.3:h:yokogawa:fcn-rtu
  • cpe:2.3:o:yokogawa:fcn-500_firmware:r4.10
    cpe:2.3:o:yokogawa:fcn-500_firmware:r4.10
  • cpe:2.3:h:yokogawa:fcn-500
    cpe:2.3:h:yokogawa:fcn-500
CVSS
Base: 5.0
Impact:
Exploitability:
CWE CWE-255
CAPEC
refmap via4
confirm https://web-material3.yokogawa.com/YSAR-18-0007-E.pdf
misc https://ics-cert.us-cert.gov/advisories/ICSA-18-151-03
Last major update 12-10-2018 - 10:29
Published 12-10-2018 - 10:29
Last modified 30-11-2018 - 12:31
Back to Top