All the vulnerabilites related to OMRON Corporation - SYSMAC-SE2[][][]
jvndb-2024-011833
Vulnerability from jvndb
Published
2024-11-05 15:29
Modified
2024-11-05 15:29
Severity ?
Summary
Incorrect authorization vulnerability in OMRON Sysmac Studio
Details
Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability (CWE-863, CVE-2024-49501).
OMRON Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC coordinated with OMRON Corporation for the JVN advisory publication.
References
▼ | Type | URL |
---|---|---|
JVN | https://jvn.jp/en/vu/JVNVU95685374/index.html | |
CVE | https://www.cve.org/CVERecord?id=CVE-2024-49501 | |
Incorrect Authorization(CWE-863) | https://cwe.mitre.org/data/definitions/863.html |
Impacted products
▼ | Vendor | Product |
---|---|---|
OMRON Corporation | SYSMAC-SE2[][][] |
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-011833.html", "dc:date": "2024-11-05T15:29+09:00", "dcterms:issued": "2024-11-05T15:29+09:00", "dcterms:modified": "2024-11-05T15:29+09:00", "description": "Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability (CWE-863, CVE-2024-49501).\r\n\r\nOMRON Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC coordinated with OMRON Corporation for the JVN advisory publication.", "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-011833.html", "sec:cpe": { "#text": "cpe:/a:omron:sysmac-se2", "@product": "SYSMAC-SE2[][][]", "@vendor": "OMRON Corporation", "@version": "2.2" }, "sec:cvss": { "@score": "5.7", "@severity": "Medium", "@type": "Base", "@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "@version": "3.0" }, "sec:identifier": "JVNDB-2024-011833", "sec:references": [ { "#text": "https://jvn.jp/en/vu/JVNVU95685374/index.html", "@id": "JVNVU#95685374", "@source": "JVN" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-49501", "@id": "CVE-2024-49501", "@source": "CVE" }, { "#text": "https://cwe.mitre.org/data/definitions/863.html", "@id": "CWE-863", "@title": "Incorrect Authorization(CWE-863)" } ], "title": "Incorrect authorization vulnerability in OMRON Sysmac Studio" }
cve-2024-49501
Vulnerability from cvelistv5
Published
2024-11-01 04:07
Modified
2024-11-01 15:06
Severity ?
EPSS score ?
Summary
Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability. If this vulnerability is exploited, an attacker may access the program which is protected by Data Protection function.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | OMRON Corporation | SYSMAC-SE2[][][] |
Version: all versions |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-49501", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-01T15:06:44.922885Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-01T15:06:52.374Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "SYSMAC-SE2[][][]", "vendor": "OMRON Corporation", "versions": [ { "status": "affected", "version": "all versions" } ] } ], "descriptions": [ { "lang": "en", "value": "Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability. If this vulnerability is exploited, an attacker may access the program which is protected by Data Protection function." } ], "metrics": [ { "cvssV3_0": { "baseScore": 5.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "version": "3.0" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-863", "description": "Incorrect authorization", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-01T04:07:39.666Z", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert" }, "references": [ { "url": "https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2024-006_en.pdf" }, { "url": "https://www.fa.omron.co.jp/product/security/assets/pdf/ja/OMSR-2024-006_ja.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU95685374" } ] } }, "cveMetadata": { "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2024-49501", "datePublished": "2024-11-01T04:07:39.666Z", "dateReserved": "2024-10-15T11:32:15.313Z", "dateUpdated": "2024-11-01T15:06:52.374Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }