github - ghsa-wgrg-g2m9-jr56

ghsa-wgrg-g2m9-jr56

Vulnerability from github

Published

2023-07-26 09:30

Modified

2024-04-04 06:21

Severity ?

8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Authentication bypass vulnerability in Fujitsu network devices Si-R series and SR-M series allows a network-adjacent unauthenticated attacker to obtain, change, and/or reset configuration settings of the affected products. Affected products and versions are as follows: Si-R 30B all versions, Si-R 130B all versions, Si-R 90brin all versions, Si-R570B all versions, Si-R370B all versions, Si-R220D all versions, Si-R G100 V02.54 and earlier, Si-R G200 V02.54 and earlier, Si-R G100B V04.12 and earlier, Si-R G110B V04.12 and earlier, Si-R G200B V04.12 and earlier, Si-R G210 V20.52 and earlier, Si-R G211 V20.52 and earlier, Si-R G120 V20.52 and earlier, Si-R G121 V20.52 and earlier, and SR-M 50AP1 all versions.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-38555"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-07-26T08:15:10Z",
    "severity": "HIGH"
  },
  "details": "Authentication bypass vulnerability in Fujitsu network devices Si-R series and SR-M series allows a network-adjacent unauthenticated attacker to obtain, change, and/or reset configuration settings of the affected products. Affected products and versions are as follows: Si-R 30B all versions, Si-R 130B all versions, Si-R 90brin all versions, Si-R570B all versions, Si-R370B all versions, Si-R220D all versions, Si-R G100 V02.54 and earlier, Si-R G200 V02.54 and earlier, Si-R G100B V04.12 and earlier, Si-R G110B V04.12 and earlier, Si-R G200B V04.12 and earlier, Si-R G210 V20.52 and earlier, Si-R G211 V20.52 and earlier, Si-R G120 V20.52 and earlier, Si-R G121 V20.52 and earlier, and SR-M 50AP1 all versions.",
  "id": "GHSA-wgrg-g2m9-jr56",
  "modified": "2024-04-04T06:21:45Z",
  "published": "2023-07-26T09:30:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38555"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/vu/JVNVU96643580"
    },
    {
      "type": "WEB",
      "url": "https://www.fujitsu.com/jp/products/network/support/2023/fjlan-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2023-38555 (GCVE-0-2023-38555)

Vulnerability from cvelistv5

Published

2023-07-26 07:43

Modified

2024-11-14 15:00

Severity ?

CWE

Authentication bypass

Summary

References

URL

Tags

	https://www.fujitsu.com/jp/products/network/support/2023/fjlan-01/
	https://jvn.jp/en/vu/JVNVU96643580/

Impacted products

Vendor

Product

Version

Fujitsu Limited

Si-R 30B

Version: All versions

Fujitsu Limited	Si-R 130B	Version: All versions
Fujitsu Limited	Si-R 90brin	Version: All versions
Fujitsu Limited	Si-R570B	Version: All versions
Fujitsu Limited	Si-R370B	Version: All versions
Fujitsu Limited	Si-R220D	Version: All versions
Fujitsu Limited	Si-R G100	Version: V02.54 and earlier
Fujitsu Limited	Si-R G200	Version: V02.54 and earlier
Fujitsu Limited	Si-R G100B	Version: V04.12 and earlier
Fujitsu Limited	Si-R G110B	Version: V04.12 and earlier
Fujitsu Limited	Si-R G200B	Version: V04.12 and earlier
Fujitsu Limited	Si-R G210	Version: V20.52 and earlier
Fujitsu Limited	Si-R G211	Version: V20.52 and earlier
Fujitsu Limited	Si-R G120	Version: V20.52 and earlier
Fujitsu Limited	Si-R G121	Version: V20.52 and earlier
Fujitsu Limited	SR-M 50AP1	Version: All versions

Show details on NVD website