Action not permitted
Modal body text goes here.
jvndb-2024-003539
Vulnerability from jvndb
Published
2024-06-17 15:21
Modified
2024-06-17 15:21
Summary
Multiple vulnerabilities in Toshiba Tec and Oki Electric Industry MFPs
Details
MFPs (multifunction printers) provided by Toshiba Tec Corporation and Oki Electric Industry Co., Ltd. contain multiple vulnerabilities listed below.
<ul>
<li><b>Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') (<a href="https://cwe.mitre.org/data/definitions/776">CWE-776</a>) </b>- CVE-2024-27141, CVE-2024-27142</li>
<li><b>Execution with Unnecessary Privileges (<a href="https://cwe.mitre.org/data/definitions/250">CWE-250</a>) </b>- CVE-2024-27143, CVE-2024-27146, CVE-2024-27147, CVE-2024-3498</li>
<li><b>Incorrect Default Permissions (<a href="https://cwe.mitre.org/data/definitions/276">CWE-276</a>) </b>- CVE-2024-27148, CVE-2024-27149, CVE-2024-27150, CVE-2024-27151, CVE-2024-27152, CVE-2024-27153, CVE-2024-27155, CVE-2024-27167, CVE-2024-27171</li>
<li><b>Path Traversal (<a href="https://cwe.mitre.org/data/definitions/22">CWE-22</a>) </b>- CVE-2024-27144, CVE-2024-27145, CVE-2024-27173, CVE-2024-27174, CVE-2024-27176, CVE-2024-27177, CVE-2024-27178</li>
<li><b>Insertion of Sensitive Information into Log File (<a href="https://cwe.mitre.org/data/definitions/532">CWE-532</a>) </b>- CVE-2024-27154, CVE-2024-27156, CVE-2024-27157</li>
<li><b>Plaintext Storage of a Password (<a href="https://cwe.mitre.org/data/definitions/256">CWE-256</a>) </b>- CVE-2024-27166</li>
<li><b>Debug Messages Revealing Unnecessary Information (<a href="https://cwe.mitre.org/data/definitions/1295">CWE-1295</a>) </b>- CVE-2024-27179</li>
<li><b>Use of Default Credentials (<a href="https://cwe.mitre.org/data/definitions/1392">CWE-1392</a>) </b>- CVE-2024-27158</li>
<li><b>Use of Hard-coded Credentials (<a href="https://cwe.mitre.org/data/definitions/798">CWE-798</a>) </b>- CVE-2024-27159, CVE-2024-27160, CVE-2024-27161, CVE-2024-27168, CVE-2024-27170</li>
<li><b>Use of Hard-coded Password (<a href="https://cwe.mitre.org/data/definitions/259">CWE-259</a>) </b>- CVE-2024-27164</li>
<li><b>Cross-site Scripting (<a href="http://cwe.mitre.org/data/definitions/79">CWE-79</a>) </b>- CVE-2024-27162</li>
<li><b>Cleartext Transmission of Sensitive Information (<a href="https://cwe.mitre.org/data/definitions/319">CWE-319</a>) </b>- CVE-2024-27163</li>
<li><b>Least Privilege Violation (<a href="https://cwe.mitre.org/data/definitions/272">CWE-272</a>) </b>- CVE-2024-27165</li>
<li><b>Missing Authentication for Critical Function (<a href="https://cwe.mitre.org/data/definitions/306">CWE-306</a>) </b>- CVE-2024-27169</li>
<li><b>OS Command Injection (<a href="https://cwe.mitre.org/data/definitions/78">CWE-78</a>) </b>- CVE-2024-27172</li>
<li><b>External Control of File Name or Path (<a href="https://cwe.mitre.org/data/definitions/73">CWE-73</a>) </b>- CVE-2024-27175</li>
<li><b>Time-of-check Time-of-use (TOCTOU) Race Condition (<a href="https://cwe.mitre.org/data/definitions/367">CWE-367</a>) </b>- CVE-2024-27180</li>
<li><b>Authentication Bypass Using an Alternate Path or Channel (<a href="https://cwe.mitre.org/data/definitions/288">CWE-288</a></b>) - CVE-2024-3496</li>
<li><b>Relative Path Traversal (<a href="https://cwe.mitre.org/data/definitions/23">CWE-23</a>) </b>- CVE-2024-3497</li>
</ul>
Toshiba Tec Corporation reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-003539.html", "dc:date": "2024-06-17T15:21+09:00", "dcterms:issued": "2024-06-17T15:21+09:00", "dcterms:modified": "2024-06-17T15:21+09:00", "description": "MFPs (multifunction printers) provided by Toshiba Tec Corporation and Oki Electric Industry Co., Ltd. contain multiple vulnerabilities listed below.\r\n\u003cul\u003e\r\n\t\u003cli\u003e\u003cb\u003eImproper Restriction of Recursive Entity References in DTDs (\u0026#39;XML Entity Expansion\u0026#39;) (\u003ca href=\"https://cwe.mitre.org/data/definitions/776\"\u003eCWE-776\u003c/a\u003e) \u003c/b\u003e- CVE-2024-27141, CVE-2024-27142\u003c/li\u003e\r\n\t\u003cli\u003e\u003cb\u003eExecution with Unnecessary Privileges (\u003ca href=\"https://cwe.mitre.org/data/definitions/250\"\u003eCWE-250\u003c/a\u003e) \u003c/b\u003e- CVE-2024-27143, CVE-2024-27146, CVE-2024-27147, CVE-2024-3498\u003c/li\u003e\r\n\t\u003cli\u003e\u003cb\u003eIncorrect Default Permissions (\u003ca href=\"https://cwe.mitre.org/data/definitions/276\"\u003eCWE-276\u003c/a\u003e) \u003c/b\u003e- CVE-2024-27148, CVE-2024-27149, CVE-2024-27150, CVE-2024-27151, CVE-2024-27152, CVE-2024-27153, CVE-2024-27155, CVE-2024-27167, CVE-2024-27171\u003c/li\u003e\r\n\t\u003cli\u003e\u003cb\u003ePath Traversal (\u003ca href=\"https://cwe.mitre.org/data/definitions/22\"\u003eCWE-22\u003c/a\u003e) \u003c/b\u003e- CVE-2024-27144, CVE-2024-27145, CVE-2024-27173, CVE-2024-27174, CVE-2024-27176, CVE-2024-27177, CVE-2024-27178\u003c/li\u003e\r\n\t\u003cli\u003e\u003cb\u003eInsertion of Sensitive Information into Log File (\u003ca href=\"https://cwe.mitre.org/data/definitions/532\"\u003eCWE-532\u003c/a\u003e) \u003c/b\u003e- CVE-2024-27154, CVE-2024-27156, CVE-2024-27157\u003c/li\u003e\r\n\t\u003cli\u003e\u003cb\u003ePlaintext Storage of a Password (\u003ca href=\"https://cwe.mitre.org/data/definitions/256\"\u003eCWE-256\u003c/a\u003e) \u003c/b\u003e- CVE-2024-27166\u003c/li\u003e\r\n\t\u003cli\u003e\u003cb\u003eDebug Messages Revealing Unnecessary Information (\u003ca href=\"https://cwe.mitre.org/data/definitions/1295\"\u003eCWE-1295\u003c/a\u003e) \u003c/b\u003e- CVE-2024-27179\u003c/li\u003e\r\n\t\u003cli\u003e\u003cb\u003eUse of Default Credentials (\u003ca href=\"https://cwe.mitre.org/data/definitions/1392\"\u003eCWE-1392\u003c/a\u003e) \u003c/b\u003e- CVE-2024-27158\u003c/li\u003e\r\n\t\u003cli\u003e\u003cb\u003eUse of Hard-coded Credentials (\u003ca href=\"https://cwe.mitre.org/data/definitions/798\"\u003eCWE-798\u003c/a\u003e) \u003c/b\u003e- CVE-2024-27159, CVE-2024-27160, CVE-2024-27161, CVE-2024-27168, CVE-2024-27170\u003c/li\u003e\r\n\t\u003cli\u003e\u003cb\u003eUse of Hard-coded Password (\u003ca href=\"https://cwe.mitre.org/data/definitions/259\"\u003eCWE-259\u003c/a\u003e) \u003c/b\u003e- CVE-2024-27164\u003c/li\u003e\r\n\t\u003cli\u003e\u003cb\u003eCross-site Scripting (\u003ca href=\"http://cwe.mitre.org/data/definitions/79\"\u003eCWE-79\u003c/a\u003e) \u003c/b\u003e- CVE-2024-27162\u003c/li\u003e\r\n\t\u003cli\u003e\u003cb\u003eCleartext Transmission of Sensitive Information (\u003ca href=\"https://cwe.mitre.org/data/definitions/319\"\u003eCWE-319\u003c/a\u003e) \u003c/b\u003e- CVE-2024-27163\u003c/li\u003e\r\n\t\u003cli\u003e\u003cb\u003eLeast Privilege Violation (\u003ca href=\"https://cwe.mitre.org/data/definitions/272\"\u003eCWE-272\u003c/a\u003e) \u003c/b\u003e- CVE-2024-27165\u003c/li\u003e\r\n\t\u003cli\u003e\u003cb\u003eMissing Authentication for Critical Function (\u003ca href=\"https://cwe.mitre.org/data/definitions/306\"\u003eCWE-306\u003c/a\u003e) \u003c/b\u003e- CVE-2024-27169\u003c/li\u003e\r\n\t\u003cli\u003e\u003cb\u003eOS Command Injection (\u003ca href=\"https://cwe.mitre.org/data/definitions/78\"\u003eCWE-78\u003c/a\u003e) \u003c/b\u003e- CVE-2024-27172\u003c/li\u003e\r\n\t\u003cli\u003e\u003cb\u003eExternal Control of File Name or Path (\u003ca href=\"https://cwe.mitre.org/data/definitions/73\"\u003eCWE-73\u003c/a\u003e) \u003c/b\u003e- CVE-2024-27175\u003c/li\u003e\r\n\t\u003cli\u003e\u003cb\u003eTime-of-check Time-of-use (TOCTOU) Race Condition (\u003ca href=\"https://cwe.mitre.org/data/definitions/367\"\u003eCWE-367\u003c/a\u003e) \u003c/b\u003e- CVE-2024-27180\u003c/li\u003e\r\n\t\u003cli\u003e\u003cb\u003eAuthentication Bypass Using an Alternate Path or Channel (\u003ca href=\"https://cwe.mitre.org/data/definitions/288\"\u003eCWE-288\u003c/a\u003e\u003c/b\u003e) - CVE-2024-3496\u003c/li\u003e\r\n\t\u003cli\u003e\u003cb\u003eRelative Path Traversal (\u003ca href=\"https://cwe.mitre.org/data/definitions/23\"\u003eCWE-23\u003c/a\u003e) \u003c/b\u003e- CVE-2024-3497\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\r\nToshiba Tec Corporation reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.", "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-003539.html", "sec:cpe": [ { "#text": "cpe:/a:misc:oki_electric_industry_multiple_product", "@product": "(Multiple Products)", "@vendor": "Oki Electric Industry Co., Ltd.", "@version": "2.2" }, { "#text": "cpe:/a:toshibatec:multiple_product", "@product": "(Multiple Products)", "@vendor": "TOSHIBA TEC", "@version": "2.2" } ], "sec:identifier": "JVNDB-2024-003539", "sec:references": [ { "#text": "https://jvn.jp/en/vu/JVNVU97136265/index.html", "@id": "JVNVU#97136265", "@source": "JVN" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27141", "@id": "CVE-2024-27141", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27142", "@id": "CVE-2024-27142", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27143", "@id": "CVE-2024-27143", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27146", "@id": "CVE-2024-27146", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27147", "@id": "CVE-2024-27147", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-3498", "@id": "CVE-2024-3498", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27148", "@id": "CVE-2024-27148", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27149", "@id": "CVE-2024-27149", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27150", "@id": "CVE-2024-27150", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27151", "@id": "CVE-2024-27151", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27152", "@id": "CVE-2024-27152", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27153", "@id": "CVE-2024-27153", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27155", "@id": "CVE-2024-27155", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27167", "@id": "CVE-2024-27167", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27171", "@id": "CVE-2024-27171", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27144", "@id": "CVE-2024-27144", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27145", "@id": "CVE-2024-27145", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27173", "@id": "CVE-2024-27173", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27174", "@id": "CVE-2024-27174", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27176", "@id": "CVE-2024-27176", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27177", "@id": "CVE-2024-27177", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27178", "@id": "CVE-2024-27178", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27154", "@id": "CVE-2024-27154", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27156", "@id": "CVE-2024-27156", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27157", "@id": "CVE-2024-27157", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27166", "@id": "CVE-2024-27166", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27179", "@id": "CVE-2024-27179", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27158", "@id": "CVE-2024-27158", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27159", "@id": "CVE-2024-27159", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27160", "@id": "CVE-2024-27160", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27161", "@id": "CVE-2024-27161", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27168", "@id": "CVE-2024-27168", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27170", "@id": "CVE-2024-27170", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27164", "@id": "CVE-2024-27164", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27162", "@id": "CVE-2024-27162", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27163", "@id": "CVE-2024-27163", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27165", "@id": "CVE-2024-27165", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27169", "@id": "CVE-2024-27169", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27172", "@id": "CVE-2024-27172", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27175", "@id": "CVE-2024-27175", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-27180", "@id": "CVE-2024-27180", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-3496", "@id": "CVE-2024-3496", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2024-3497", "@id": "CVE-2024-3497", "@source": "CVE" }, { "#text": "https://cwe.mitre.org/data/definitions/1295", "@id": "CWE-1295", "@title": "Debug Messages Revealing Unnecessary Information(CWE-1295)" }, { "#text": "https://cwe.mitre.org/data/definitions/1392.html", "@id": "CWE-1392", "@title": "Use of Default Credentials(CWE-1392)" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-22", "@title": "Path Traversal(CWE-22)" }, { "#text": "https://cwe.mitre.org/data/definitions/23.html", "@id": "CWE-23", "@title": "Relative Path Traversal(CWE-23)" }, { "#text": "https://cwe.mitre.org/data/definitions/250.html", "@id": "CWE-250", "@title": "Execution with Unnecessary Privileges(CWE-250)" }, { "#text": "https://cwe.mitre.org/data/definitions/256.html", "@id": "CWE-256", "@title": "Unprotected Storage of Credentials(CWE-256)" }, { "#text": "https://cwe.mitre.org/data/definitions/259.html", "@id": "CWE-259", "@title": "Use of Hard-coded Password(CWE-259)" }, { "#text": "https://cwe.mitre.org/data/definitions/272.html", "@id": "CWE-272", "@title": "Least Privilege Violation(CWE-272)" }, { "#text": "https://cwe.mitre.org/data/definitions/276.html", "@id": "CWE-276", "@title": "Incorrect Default Permissions(CWE-276)" }, { "#text": "https://cwe.mitre.org/data/definitions/288.html", "@id": "CWE-288", "@title": "Authentication Bypass Using an Alternate Path or Channel(CWE-288)" }, { "#text": "https://cwe.mitre.org/data/definitions/306.html", "@id": "CWE-306", "@title": "Missing Authentication for Critical Function(CWE-306)" }, { "#text": "https://cwe.mitre.org/data/definitions/319.html", "@id": "CWE-319", "@title": "Cleartext Transmission of Sensitive Information(CWE-319)" }, { "#text": "https://cwe.mitre.org/data/definitions/367.html", "@id": "CWE-367", "@title": "Time-of-check Time-of-use (TOCTOU) Race Condition(CWE-367)" }, { "#text": "https://cwe.mitre.org/data/definitions/532.html", "@id": "CWE-532", "@title": "Information Exposure Through Log Files(CWE-532)" }, { "#text": "https://cwe.mitre.org/data/definitions/73.html", "@id": "CWE-73", "@title": "External Control of File Name or Path(CWE-73)" }, { "#text": "http://cwe.mitre.org/data/definitions/776.html", "@id": "CWE-776", "@title": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)(CWE-776)" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-78", "@title": "OS Command Injection(CWE-78)" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-79", "@title": "Cross-site Scripting(CWE-79)" }, { "#text": "https://cwe.mitre.org/data/definitions/798.html", "@id": "CWE-798", "@title": "Use of Hard-coded Credentials(CWE-798)" } ], "title": "Multiple vulnerabilities in Toshiba Tec and Oki Electric Industry MFPs" }
cve-2024-27160
Vulnerability from cvelistv5
Published
2024-06-14 03:33
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Hardcoded password used to encrypt logs and use of weak cipher
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27160", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:47:29.819291Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:28:19.362Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.883Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An attacker can decrypt the encrypted files using the hardcoded key. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point.\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.toshibatec.com/contacts/products/\"\u003ehttps://www.toshibatec.com/contacts/products/\u003c/a\u003e\u003cbr\u003eAs for the affected products/models/versions, see the reference URL." } ], "value": "All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An attacker can decrypt the encrypted files using the hardcoded key. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point.\n https://www.toshibatec.com/contacts/products/ \nAs for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-191", "descriptions": [ { "lang": "en", "value": "CAPEC-191 Read Sensitive Constants Within an Executable" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T03:33:50.028Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Hardcoded password used to encrypt logs and use of weak cipher", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27160", "datePublished": "2024-06-14T03:33:50.028Z", "dateReserved": "2024-02-21T02:11:56.736Z", "dateUpdated": "2024-08-02T00:27:59.883Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27172
Vulnerability from cvelistv5
Published
2024-06-14 04:00
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Remote Code Execution
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27172", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-24T20:32:21.498172Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-24T20:32:30.387Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.583Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Remote Command program allows an attacker to get Remote Code Execution. As for the affected products/models/versions, see the reference URL." } ], "value": "Remote Command program allows an attacker to get Remote Code Execution. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-88", "descriptions": [ { "lang": "en", "value": "CAPEC-88 OS Command Injection" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T04:00:40.846Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Remote Code Execution", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e" } ], "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27172", "datePublished": "2024-06-14T04:00:40.846Z", "dateReserved": "2024-02-21T02:12:01.820Z", "dateUpdated": "2024-08-02T00:27:59.583Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27169
Vulnerability from cvelistv5
Published
2024-06-14 03:55
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Lack of authentication
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27169", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T15:41:51.887318Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:49:05.429Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.859Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Toshiba printers provides API without authentication for internal access. A local attacker can bypass authentication in applications, providing administrative access. As for the affected products/models/versions, see the reference URL." } ], "value": "Toshiba printers provides API without authentication for internal access. A local attacker can bypass authentication in applications, providing administrative access. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-115", "descriptions": [ { "lang": "en", "value": "CAPEC-115 Authentication Bypass" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T03:55:04.544Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Lack of authentication", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27169", "datePublished": "2024-06-14T03:55:04.544Z", "dateReserved": "2024-02-21T02:11:59.653Z", "dateUpdated": "2024-08-02T00:27:59.859Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27149
Vulnerability from cvelistv5
Published
2024-06-14 02:50
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Local Privilege Escalation and Remote Code Execution using insecure LD_PRELOAD
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27149", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T15:58:14.128946Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:49:59.404Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.463Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL." } ], "value": "The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-180", "descriptions": [ { "lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T02:50:28.457Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Local Privilege Escalation and Remote Code Execution using insecure LD_PRELOAD", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27149", "datePublished": "2024-06-14T02:50:28.457Z", "dateReserved": "2024-02-21T02:11:53.252Z", "dateUpdated": "2024-08-02T00:27:59.463Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27150
Vulnerability from cvelistv5
Published
2024-06-14 02:52
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Local Privilege Escalation and Remote Code Execution using insecure LD_LIBRARY_PATH
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27150", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:49:53.591890Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:52:57.433Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.219Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL." } ], "value": "The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-180", "descriptions": [ { "lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T02:52:19.815Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Local Privilege Escalation and Remote Code Execution using insecure LD_LIBRARY_PATH", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27150", "datePublished": "2024-06-14T02:52:19.815Z", "dateReserved": "2024-02-21T02:11:53.252Z", "dateUpdated": "2024-08-02T00:27:59.219Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27175
Vulnerability from cvelistv5
Published
2024-06-14 04:04
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Local File Inclusion
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-27175", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:39:09.228413Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-30T14:25:44.754Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.630Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Remote Command program allows an attacker to read any file using a Local File Inclusion vulnerability. An attacker can read any file on the printer. As for the affected products/models/versions, see the reference URL." } ], "value": "Remote Command program allows an attacker to read any file using a Local File Inclusion vulnerability. An attacker can read any file on the printer. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-251", "descriptions": [ { "lang": "en", "value": "CAPEC-251 Local Code Inclusion" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-73", "description": "CWE-73 External Control of File Name or Path", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T04:04:32.574Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Local File Inclusion", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e" } ], "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27175", "datePublished": "2024-06-14T04:04:32.574Z", "dateReserved": "2024-02-21T02:12:01.820Z", "dateUpdated": "2024-08-02T00:27:59.630Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27147
Vulnerability from cvelistv5
Published
2024-06-14 02:44
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Local Privilege Escalation and Remote Code Execution using snmpd
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27147", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:51:13.348537Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:53:37.036Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.270Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL." } ], "value": "The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-233", "descriptions": [ { "lang": "en", "value": "CAPEC-233 Privilege Escalation" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-250", "description": "CWE-250: \"Execution with Unnecessary Privileges\"", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T02:44:34.508Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Local Privilege Escalation and Remote Code Execution using snmpd", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27147", "datePublished": "2024-06-14T02:44:34.508Z", "dateReserved": "2024-02-21T02:11:53.251Z", "dateUpdated": "2024-08-02T00:27:59.270Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27158
Vulnerability from cvelistv5
Published
2024-06-14 03:24
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Hardcoded root password
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27158", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:48:07.304069Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:51:25.249Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.739Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "All the Toshiba printers share the same hardcoded root password. As for the affected products/models/versions, see the reference URL." } ], "value": "All the Toshiba printers share the same hardcoded root password. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-70", "descriptions": [ { "lang": "en", "value": "CAPEC-70 Try Common or Default Usernames and Passwords" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1392", "description": "CWE-1392 Use of Default Credentials", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T03:24:23.225Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Hardcoded root password", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e" } ], "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27158", "datePublished": "2024-06-14T03:24:23.225Z", "dateReserved": "2024-02-21T02:11:56.736Z", "dateUpdated": "2024-08-02T00:27:59.739Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27167
Vulnerability from cvelistv5
Published
2024-06-14 03:52
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Insecure permissions
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27167", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:45:18.973982Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:47:53.113Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.673Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several insecure directories. A local attacker can inject a malicious Sendmail configuration file. As for the affected products/models/versions, see the reference URL." } ], "value": "Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several insecure directories. A local attacker can inject a malicious Sendmail configuration file. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-180", "descriptions": [ { "lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T03:52:38.112Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Insecure permissions", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27167", "datePublished": "2024-06-14T03:52:38.112Z", "dateReserved": "2024-02-21T02:11:59.652Z", "dateUpdated": "2024-08-02T00:27:59.673Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27155
Vulnerability from cvelistv5
Published
2024-06-14 03:18
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Local Privilege Escalation and Remote Code Execution using insecure permissions
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27155", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:48:48.043985Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:51:47.505Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.612Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker. As for the affected products/models/versions, see the reference URL." } ], "value": "The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-180", "descriptions": [ { "lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T03:18:25.525Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Local Privilege Escalation and Remote Code Execution using insecure permissions", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27155", "datePublished": "2024-06-14T03:18:25.525Z", "dateReserved": "2024-02-21T02:11:56.735Z", "dateUpdated": "2024-08-02T00:27:59.612Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27177
Vulnerability from cvelistv5
Published
2024-06-14 04:06
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Remote Code Execution
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27177", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T16:26:51.119888Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T16:26:59.904Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.924Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "An attacker can get Remote Code Execution by overwriting files. Overwriting files is enable by falsifying package name variable. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point.\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.toshibatec.com/contacts/products/\"\u003ehttps://www.toshibatec.com/contacts/products/\u003c/a\u003e\u003cbr\u003eAs for the affected products/models/versions, see the reference URL." } ], "value": "An attacker can get Remote Code Execution by overwriting files. Overwriting files is enable by falsifying package name variable. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point.\n https://www.toshibatec.com/contacts/products/ \nAs for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-126", "descriptions": [ { "lang": "en", "value": "CAPEC-126 Path Traversal" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T04:06:54.881Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Remote Code Execution", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27177", "datePublished": "2024-06-14T04:06:54.881Z", "dateReserved": "2024-02-21T02:12:01.821Z", "dateUpdated": "2024-08-02T00:27:59.924Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27159
Vulnerability from cvelistv5
Published
2024-06-14 03:29
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Hardcoded password used to encrypt logs
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-27159", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T19:05:47.882453Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:05:54.275Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.829Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An attacker can decrypt the encrypted files using the hardcoded key. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point.\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.toshibatec.com/contacts/products/\"\u003ehttps://www.toshibatec.com/contacts/products/\u003c/a\u003e\u003cbr\u003eAs for the affected products/models/versions, see the reference URL." } ], "value": "All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An attacker can decrypt the encrypted files using the hardcoded key. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point.\n https://www.toshibatec.com/contacts/products/ \nAs for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-191", "descriptions": [ { "lang": "en", "value": "CAPEC-191 Read Sensitive Constants Within an Executable" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T03:29:15.059Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Hardcoded password used to encrypt logs", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27159", "datePublished": "2024-06-14T03:29:15.059Z", "dateReserved": "2024-02-21T02:11:56.736Z", "dateUpdated": "2024-08-02T00:27:59.829Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27163
Vulnerability from cvelistv5
Published
2024-06-14 03:40
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Leak of admin password and passwords
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-27163", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T18:55:25.721759Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T18:55:34.811Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.826Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Toshiba printers will display the password of the admin user in clear-text and additional passwords when sending 2 specific HTTP requests to the internal API. An attacker stealing the cookie of an admin or abusing a XSS vulnerability can recover this password in clear-text and compromise the printer. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point.\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.toshibatec.com/contacts/products/\"\u003ehttps://www.toshibatec.com/contacts/products/\u003c/a\u003e\u003cbr\u003eAs for the affected products/models/versions, see the reference URL." } ], "value": "Toshiba printers will display the password of the admin user in clear-text and additional passwords when sending 2 specific HTTP requests to the internal API. An attacker stealing the cookie of an admin or abusing a XSS vulnerability can recover this password in clear-text and compromise the printer. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point.\n https://www.toshibatec.com/contacts/products/ \nAs for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-158", "descriptions": [ { "lang": "en", "value": "CAPEC-158 Sniffing Network Traffic" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-319", "description": "CWE-319 Cleartext Transmission of Sensitive Information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T03:40:44.063Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Leak of admin password and passwords", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e" } ], "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27163", "datePublished": "2024-06-14T03:40:44.063Z", "dateReserved": "2024-02-21T02:11:59.651Z", "dateUpdated": "2024-08-02T00:27:59.826Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27174
Vulnerability from cvelistv5
Published
2024-06-14 04:03
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
insecure upload
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27174", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:15:36.122194Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:15:43.061Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.896Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Remote Command program allows an attacker to get Remote Code Execution. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point.\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.toshibatec.com/contacts/products/\"\u003ehttps://www.toshibatec.com/contacts/products/\u003c/a\u003e\u003cbr\u003eAs for the affected products/models/versions, see the reference URL." } ], "value": "Remote Command program allows an attacker to get Remote Code Execution. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point.\n https://www.toshibatec.com/contacts/products/ \nAs for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-126", "descriptions": [ { "lang": "en", "value": "CAPEC-126 Path Traversal" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T04:03:18.120Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "insecure upload", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e" } ], "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27174", "datePublished": "2024-06-14T04:03:18.120Z", "dateReserved": "2024-02-21T02:12:01.820Z", "dateUpdated": "2024-08-02T00:27:59.896Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27153
Vulnerability from cvelistv5
Published
2024-06-14 02:57
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Local Privilege Escalation and Remote Code Execution
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27153", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:49:08.777886Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:52:12.033Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.442Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL." } ], "value": "The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-180", "descriptions": [ { "lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T02:57:28.015Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Local Privilege Escalation and Remote Code Execution", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27153", "datePublished": "2024-06-14T02:57:28.015Z", "dateReserved": "2024-02-21T02:11:56.734Z", "dateUpdated": "2024-08-02T00:27:59.442Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27144
Vulnerability from cvelistv5
Published
2024-06-14 02:31
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Pre-authenticated Remote Code Execution
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27144", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:52:51.249164Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:54:46.742Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.447Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "The Toshiba printers provide several ways to upload files using the web interface without authentication. An attacker can overwrite any insecure files. And the Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker.\u0026nbsp;This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone.\u0026nbsp;So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability.\u0026nbsp;For detail on related other vulnerabilities, please ask to the below contact point.\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.toshibatec.com/contacts/products/\"\u003ehttps://www.toshibatec.com/contacts/products/\u003c/a\u003e\u003cbr\u003eAs for the affected products/models/versions, see the reference URL." } ], "value": "The Toshiba printers provide several ways to upload files using the web interface without authentication. An attacker can overwrite any insecure files. And the Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker.\u00a0This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone.\u00a0So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability.\u00a0For detail on related other vulnerabilities, please ask to the below contact point.\n https://www.toshibatec.com/contacts/products/ \nAs for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-126", "descriptions": [ { "lang": "en", "value": "CAPEC-126 Path Traversal" } ] }, { "capecId": "CAPEC-180", "descriptions": [ { "lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T02:31:58.131Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Pre-authenticated Remote Code Execution", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e" } ], "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27144", "datePublished": "2024-06-14T02:31:58.131Z", "dateReserved": "2024-02-21T02:11:53.250Z", "dateUpdated": "2024-08-02T00:27:59.447Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27165
Vulnerability from cvelistv5
Published
2024-06-14 03:43
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Local Privilege Escalation
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27165", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T15:59:17.393807Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:49:32.733Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.832Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Toshiba printers contain a suidperl binary and it has a Local Privilege Escalation vulnerability. A local attacker can get root privileges. As for the affected products/models/versions, see the reference URL." } ], "value": "Toshiba printers contain a suidperl binary and it has a Local Privilege Escalation vulnerability. A local attacker can get root privileges. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-233", "descriptions": [ { "lang": "en", "value": "CAPEC-233 Privilege Escalation" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-272", "description": "CWE-272 Least Privilege Violation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T03:43:22.266Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Local Privilege Escalation", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27165", "datePublished": "2024-06-14T03:43:22.266Z", "dateReserved": "2024-02-21T02:11:59.652Z", "dateUpdated": "2024-08-02T00:27:59.832Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27166
Vulnerability from cvelistv5
Published
2024-06-14 03:48
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Insecure permissions
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27166", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:00:47.400333Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:49:17.449Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.520Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Coredump binaries in Toshiba printers have incorrect permissions. A local attacker can steal confidential information. As for the affected products/models/versions, see the reference URL." } ], "value": "Coredump binaries in Toshiba printers have incorrect permissions. A local attacker can steal confidential information. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-180", "descriptions": [ { "lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-319", "description": "CWE-319 Cleartext Transmission of Sensitive Information", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-256", "description": "CWE-256 Plaintext Storage of a Password", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T03:49:17.013Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Insecure permissions", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27166", "datePublished": "2024-06-14T03:48:46.097Z", "dateReserved": "2024-02-21T02:11:59.652Z", "dateUpdated": "2024-08-02T00:27:59.520Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27170
Vulnerability from cvelistv5
Published
2024-06-14 03:56
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Hardcoded credentials for WebDAV access
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27170", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T14:26:57.261518Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T15:59:55.847Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.639Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "It was observed that all the Toshiba printers contain credentials used for WebDAV access in the readable file. Then, it is possible to get a full access with WebDAV to the printer. As for the affected products/models/versions, see the reference URL." } ], "value": "It was observed that all the Toshiba printers contain credentials used for WebDAV access in the readable file. Then, it is possible to get a full access with WebDAV to the printer. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-37", "descriptions": [ { "lang": "en", "value": "CAPEC-37 Retrieve Embedded Sensitive Data" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T03:56:21.336Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Hardcoded credentials for WebDAV access", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27170", "datePublished": "2024-06-14T03:56:21.336Z", "dateReserved": "2024-02-21T02:11:59.653Z", "dateUpdated": "2024-08-02T00:27:59.639Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27141
Vulnerability from cvelistv5
Published
2024-06-14 02:21
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Pre-authenticated Time-Based Blind XXE injection
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27141", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:54:46.512176Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:55:17.614Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.773Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Toshiba printers use XML communication for the API endpoint provided by the printer. For the endpoint, XML parsing library is used and it is vulnerable to a time-based blind XML External Entity (XXE) vulnerability. An attacker can DoS the printers by sending a HTTP request without authentication. An attacker can exploit the XXE to retrieve information.\u0026nbsp;As for the affected products/models/versions, see the reference URL." } ], "value": "Toshiba printers use XML communication for the API endpoint provided by the printer. For the endpoint, XML parsing library is used and it is vulnerable to a time-based blind XML External Entity (XXE) vulnerability. An attacker can DoS the printers by sending a HTTP request without authentication. An attacker can exploit the XXE to retrieve information.\u00a0As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-197", "descriptions": [ { "lang": "en", "value": "CAPEC-197 XML Entity Expansion" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-776", "description": "CWE-776 Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T02:21:24.696Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Pre-authenticated Time-Based Blind XXE injection", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e" } ], "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users." } ], "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27141", "datePublished": "2024-06-14T02:21:24.696Z", "dateReserved": "2024-02-21T02:11:53.249Z", "dateUpdated": "2024-08-02T00:27:59.773Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27162
Vulnerability from cvelistv5
Published
2024-06-14 03:39
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
DOM-based XSS
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27162", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:46:51.633520Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:27:58.828Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.695Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Toshiba printers provide a web interface that will load the JavaScript file. The file contains insecure codes vulnerable to XSS and is loaded inside all the webpages provided by the printer. An attacker can steal the cookie of an admin user. As for the affected products/models/versions, see the reference URL." } ], "value": "Toshiba printers provide a web interface that will load the JavaScript file. The file contains insecure codes vulnerable to XSS and is loaded inside all the webpages provided by the printer. An attacker can steal the cookie of an admin user. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-588", "descriptions": [ { "lang": "en", "value": "CAPEC-588 DOM-Based XSS" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T03:39:04.876Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "DOM-based XSS", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e" } ], "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27162", "datePublished": "2024-06-14T03:39:04.876Z", "dateReserved": "2024-02-21T02:11:59.651Z", "dateUpdated": "2024-08-02T00:27:59.695Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27146
Vulnerability from cvelistv5
Published
2024-06-14 02:35
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Lack of privileges separation
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27146", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:51:38.321338Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:53:59.889Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.597Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "The Toshiba printers do not implement privileges separation. As for the affected products/models/versions, see the reference URL." } ], "value": "The Toshiba printers do not implement privileges separation. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-122", "descriptions": [ { "lang": "en", "value": "CAPEC-122 Privilege Abuse" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-250", "description": "CWE-250: \"Execution with Unnecessary Privileges\"", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T02:35:33.638Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Lack of privileges separation", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e" } ], "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27146", "datePublished": "2024-06-14T02:35:33.638Z", "dateReserved": "2024-02-21T02:11:53.251Z", "dateUpdated": "2024-08-02T00:27:59.597Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27180
Vulnerability from cvelistv5
Published
2024-06-14 04:10
Modified
2024-08-19 12:46
Severity ?
EPSS score ?
Summary
TOCTOU vulnerability
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.693Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27180", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-19T12:46:45.680916Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-19T12:46:55.978Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "An attacker with admin access can install rogue applications. As for the affected products/models/versions, see the reference URL." } ], "value": "An attacker with admin access can install rogue applications. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-29", "descriptions": [ { "lang": "en", "value": "CAPEC-29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T04:10:30.671Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "TOCTOU vulnerability", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27180", "datePublished": "2024-06-14T04:10:30.671Z", "dateReserved": "2024-02-21T02:12:01.821Z", "dateUpdated": "2024-08-19T12:46:55.978Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27164
Vulnerability from cvelistv5
Published
2024-06-14 03:42
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Hardcoded credentials
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27164", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:46:16.555920Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:27:46.150Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.900Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Toshiba printers contain hardcoded credentials. As for the affected products/models/versions, see the reference URL." } ], "value": "Toshiba printers contain hardcoded credentials. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-37", "descriptions": [ { "lang": "en", "value": "CAPEC-37 Retrieve Embedded Sensitive Data" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-259", "description": "CWE-259 Use of Hard-coded Password", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T03:42:00.905Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Hardcoded credentials", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e" } ], "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27164", "datePublished": "2024-06-14T03:42:00.905Z", "dateReserved": "2024-02-21T02:11:59.652Z", "dateUpdated": "2024-08-02T00:27:59.900Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27151
Vulnerability from cvelistv5
Published
2024-06-14 02:54
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Local Privilege Escalation and Remote Code Execution using insecure permissions
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27151", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:49:29.733955Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:52:35.386Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:58.925Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker. As for the affected products/models/versions, see the reference URL." } ], "value": "The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-180", "descriptions": [ { "lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T02:54:05.707Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Local Privilege Escalation and Remote Code Execution using insecure permissions", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27151", "datePublished": "2024-06-14T02:54:05.707Z", "dateReserved": "2024-02-21T02:11:56.734Z", "dateUpdated": "2024-08-02T00:27:58.925Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27157
Vulnerability from cvelistv5
Published
2024-06-14 03:22
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Leak of authentication sessions in secure logs
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-27157", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-15T20:51:41.389397Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-15T20:51:59.211Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.245Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "The sessions are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL." } ], "value": "The sessions are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-37", "descriptions": [ { "lang": "en", "value": "CAPEC-37 Retrieve Embedded Sensitive Data" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-532", "description": "CWE-532 Insertion of Sensitive Information into Log File", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T03:22:31.415Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Leak of authentication sessions in secure logs", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e" } ], "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27157", "datePublished": "2024-06-14T03:22:31.415Z", "dateReserved": "2024-02-21T02:11:56.735Z", "dateUpdated": "2024-08-02T00:27:59.245Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27179
Vulnerability from cvelistv5
Published
2024-06-14 04:09
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Session disclosure inside the log files
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27179", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T17:42:57.245037Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T17:43:06.237Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.898Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Admin cookies are written in clear-text in logs. An attacker can retrieve them and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL." } ], "value": "Admin cookies are written in clear-text in logs. An attacker can retrieve them and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-37", "descriptions": [ { "lang": "en", "value": "CAPEC-37 Retrieve Embedded Sensitive Data" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1295", "description": "CWE-1295 Debug Messages Revealing Unnecessary Information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T04:09:24.831Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Session disclosure inside the log files", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27179", "datePublished": "2024-06-14T04:09:24.831Z", "dateReserved": "2024-02-21T02:12:01.821Z", "dateUpdated": "2024-08-02T00:27:59.898Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-3497
Vulnerability from cvelistv5
Published
2024-06-14 04:17
Modified
2024-08-01 20:12
Severity ?
EPSS score ?
Summary
Directory Traversal Remote Code Execution Vulnerability
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-3497", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:45:32.781620Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:56:02.352Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T20:12:07.639Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "configurations": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "If user authentication is disabled.\u003cbr\u003e" } ], "value": "If user authentication is disabled." } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Zhenhua Huang, Harry Zhang and Minmin Li for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Path traversal vulnerability in the web server of the Toshiba printer enables attacker to overwrite orginal files or add new ones to the printer. As for the affected products/models/versions, see the reference URL." } ], "value": "Path traversal vulnerability in the web server of the Toshiba printer enables attacker to overwrite orginal files or add new ones to the printer. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-126", "descriptions": [ { "lang": "en", "value": "CAPEC-126 Path Traversal" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-23", "description": "CWE-23 Relative Path Traversal", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T04:17:56.164Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Directory Traversal Remote Code Execution Vulnerability", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e" } ], "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-3497", "datePublished": "2024-06-14T04:17:56.164Z", "dateReserved": "2024-04-09T00:59:38.974Z", "dateUpdated": "2024-08-01T20:12:07.639Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27154
Vulnerability from cvelistv5
Published
2024-06-14 02:58
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Passwords are stored in clear-text logs.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27154", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-16T17:34:14.177643Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-16T17:38:31.324Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.466Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Passwords are stored in clear-text logs. An attacker can retrieve passwords. As for the affected products/models/versions, see the reference URL." } ], "value": "Passwords are stored in clear-text logs. An attacker can retrieve passwords. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-37", "descriptions": [ { "lang": "en", "value": "CAPEC-37 Retrieve Embedded Sensitive Data" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-532", "description": "CWE-532 Insertion of Sensitive Information into Log File", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T02:58:55.751Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Passwords are stored in clear-text logs.", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27154", "datePublished": "2024-06-14T02:58:55.751Z", "dateReserved": "2024-02-21T02:11:56.735Z", "dateUpdated": "2024-08-02T00:27:59.466Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27178
Vulnerability from cvelistv5
Published
2024-06-14 04:08
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Remote Code Execution
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27178", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T20:22:15.847966Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T20:22:33.348Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.888Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "An attacker can get Remote Code Execution by overwriting files. Overwriting files is enable by falsifying file name variable. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point.\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.toshibatec.com/contacts/products/\"\u003ehttps://www.toshibatec.com/contacts/products/\u003c/a\u003e\u003cbr\u003eAs for the affected products/models/versions, see the reference URL." } ], "value": "An attacker can get Remote Code Execution by overwriting files. Overwriting files is enable by falsifying file name variable. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point.\n https://www.toshibatec.com/contacts/products/ \nAs for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-126", "descriptions": [ { "lang": "en", "value": "CAPEC-126 Path Traversal" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T04:08:21.126Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Remote Code Execution", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27178", "datePublished": "2024-06-14T04:08:21.126Z", "dateReserved": "2024-02-21T02:12:01.821Z", "dateUpdated": "2024-08-02T00:27:59.888Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-3496
Vulnerability from cvelistv5
Published
2024-06-14 04:13
Modified
2024-08-19 12:45
Severity ?
EPSS score ?
Summary
Authentication Bypass Vulnerability
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T20:12:07.797Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-3496", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-19T12:45:03.854761Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-19T12:45:16.203Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "configurations": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "If user authentication is disabled.\u003cbr\u003e" } ], "value": "If user authentication is disabled." } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Zhenhua Huang, Harry Zhang and Minmin Li for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Attackers can bypass the web login authentication process to gain access to the printer\u0027s system information and upload malicious drivers to the printer. As for the affected products/models/versions, see the reference URL." } ], "value": "Attackers can bypass the web login authentication process to gain access to the printer\u0027s system information and upload malicious drivers to the printer. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-115", "descriptions": [ { "lang": "en", "value": "CAPEC-115 Authentication Bypass" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-288", "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T04:13:22.003Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Authentication Bypass Vulnerability", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e" } ], "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-3496", "datePublished": "2024-06-14T04:13:22.003Z", "dateReserved": "2024-04-09T00:59:33.888Z", "dateUpdated": "2024-08-19T12:45:16.203Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27161
Vulnerability from cvelistv5
Published
2024-06-14 03:37
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Hardcoded password used to encrypt files
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27161", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:47:16.467430Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:28:09.555Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.657Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An attacker can decrypt the encrypted files using the hardcoded key. Insecure algorithm is used for the encryption. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability.\u0026nbsp;For detail on related other vulnerabilities, please ask to the below contact point.\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.toshibatec.com/contacts/products/\"\u003ehttps://www.toshibatec.com/contacts/products/\u003c/a\u003e\u003cbr\u003eAs for the affected products/models/versions, see the reference URL." } ], "value": "all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An attacker can decrypt the encrypted files using the hardcoded key. Insecure algorithm is used for the encryption. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability.\u00a0For detail on related other vulnerabilities, please ask to the below contact point.\n https://www.toshibatec.com/contacts/products/ \nAs for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-191", "descriptions": [ { "lang": "en", "value": "CAPEC-191 Read Sensitive Constants Within an Executable" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T03:37:14.751Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Hardcoded password used to encrypt files", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27161", "datePublished": "2024-06-14T03:37:14.751Z", "dateReserved": "2024-02-21T02:11:59.651Z", "dateUpdated": "2024-08-02T00:27:59.657Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27142
Vulnerability from cvelistv5
Published
2024-06-14 02:28
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Pre-authenticated XXE injection
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-27142", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T19:06:28.665389Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:06:38.766Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.056Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Toshiba printers use XML communication for the API endpoint provided by the printer. For the endpoint, XML parsing library is used and it is vulnerable to a time-based blind XML External Entity (XXE) vulnerability. An attacker can DoS the printers. An attacker can exploit the XXE to retrieve information. As for the affected products/models/versions, see the reference URL." } ], "value": "Toshiba printers use XML communication for the API endpoint provided by the printer. For the endpoint, XML parsing library is used and it is vulnerable to a time-based blind XML External Entity (XXE) vulnerability. An attacker can DoS the printers. An attacker can exploit the XXE to retrieve information. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-197", "descriptions": [ { "lang": "en", "value": "CAPEC-197 Exponential Data Expansion" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-776", "description": "CWE-776 Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T02:28:02.965Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Pre-authenticated XXE injection", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e" } ], "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27142", "datePublished": "2024-06-14T02:28:02.965Z", "dateReserved": "2024-02-21T02:11:53.250Z", "dateUpdated": "2024-08-02T00:27:59.056Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27176
Vulnerability from cvelistv5
Published
2024-06-14 04:05
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Remote Code Execution
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27176", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-16T16:21:24.945700Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-16T16:21:32.837Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.700Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "An attacker can get Remote Code Execution by overwriting files. Overwriting files is enable by falsifying session ID variable. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point.\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.toshibatec.com/contacts/products/\"\u003ehttps://www.toshibatec.com/contacts/products/\u003c/a\u003e\u003cbr\u003eAs for the affected products/models/versions, see the reference URL." } ], "value": "An attacker can get Remote Code Execution by overwriting files. Overwriting files is enable by falsifying session ID variable. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point.\n https://www.toshibatec.com/contacts/products/ \nAs for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-126", "descriptions": [ { "lang": "en", "value": "CAPEC-126 Path Traversal" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T04:05:52.395Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Remote Code Execution", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27176", "datePublished": "2024-06-14T04:05:52.395Z", "dateReserved": "2024-02-21T02:12:01.821Z", "dateUpdated": "2024-08-02T00:27:59.700Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27173
Vulnerability from cvelistv5
Published
2024-06-14 04:01
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
insecure upload
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-27173", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T15:49:44.144208Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T15:50:30.057Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.671Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Remote Command program allows an attacker to get Remote Code Execution by overwriting existing Python files containing executable code.\u0026nbsp;This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point.\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.toshibatec.com/contacts/products/\"\u003ehttps://www.toshibatec.com/contacts/products/\u003c/a\u003e\u003cbr\u003eAs for the affected products/models/versions, see the reference URL." } ], "value": "Remote Command program allows an attacker to get Remote Code Execution by overwriting existing Python files containing executable code.\u00a0This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point.\n https://www.toshibatec.com/contacts/products/ \nAs for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-126", "descriptions": [ { "lang": "en", "value": "CAPEC-126 Path Traversal" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T04:01:54.119Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "insecure upload", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e" } ], "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27173", "datePublished": "2024-06-14T04:01:54.119Z", "dateReserved": "2024-02-21T02:12:01.820Z", "dateUpdated": "2024-08-02T00:27:59.671Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-3498
Vulnerability from cvelistv5
Published
2024-06-14 04:20
Modified
2024-08-01 20:12
Severity ?
EPSS score ?
Summary
Incorrect Permission Assignment Privilege Escalation Vulnerability
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-3498", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:34:42.877802Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T16:48:56.007Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T20:12:07.649Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "configurations": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "If user authentication is disabled.\u003cbr\u003e" } ], "value": "If user authentication is disabled." } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Zhenhua Huang, Harry Zhang and Minmin Li for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Attackers can then execute malicious files by enabling certain services of the printer via the web configuration page and elevate its privileges to root. As for the affected products/models/versions, see the reference URL." } ], "value": "Attackers can then execute malicious files by enabling certain services of the printer via the web configuration page and elevate its privileges to root. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-233", "descriptions": [ { "lang": "en", "value": "CAPEC-233 Privilege Escalation" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-250", "description": "CWE-250 Execution with Unnecessary Privileges", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T04:20:01.103Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Incorrect Permission Assignment Privilege Escalation Vulnerability", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e" } ], "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-3498", "datePublished": "2024-06-14T04:20:01.103Z", "dateReserved": "2024-04-09T00:59:41.285Z", "dateUpdated": "2024-08-01T20:12:07.649Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27156
Vulnerability from cvelistv5
Published
2024-06-14 03:20
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Leak of authentication sessions in secure logs
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-27156", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T18:15:44.657901Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T18:15:52.105Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.190Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "The session cookies, used for authentication, are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL." } ], "value": "The session cookies, used for authentication, are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-37", "descriptions": [ { "lang": "en", "value": "CAPEC-37 Retrieve Embedded Sensitive Data" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-532", "description": "CWE-532 Insertion of Sensitive Information into Log File", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T03:20:49.798Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Leak of authentication sessions in secure logs", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e" } ], "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27156", "datePublished": "2024-06-14T03:20:49.798Z", "dateReserved": "2024-02-21T02:11:56.735Z", "dateUpdated": "2024-08-02T00:27:59.190Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27171
Vulnerability from cvelistv5
Published
2024-06-14 03:59
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Insecure permissions
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27171", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:02:13.929343Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T16:02:21.588Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.659Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "A remote attacker using the insecure upload functionality will be able to overwrite any Python file and get Remote Code Execution. As for the affected products/models/versions, see the reference URL." } ], "value": "A remote attacker using the insecure upload functionality will be able to overwrite any Python file and get Remote Code Execution. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-180", "descriptions": [ { "lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T03:59:24.365Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Insecure permissions", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27171", "datePublished": "2024-06-14T03:59:24.365Z", "dateReserved": "2024-02-21T02:12:01.820Z", "dateUpdated": "2024-08-02T00:27:59.659Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27152
Vulnerability from cvelistv5
Published
2024-06-14 02:55
Modified
2024-08-02 00:28
Severity ?
EPSS score ?
Summary
Local Privilege Escalation and Remote Code Execution using insecure permissions
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27152", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:00:20.671639Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:49:44.802Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:28:00.262Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL." } ], "value": "The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-180", "descriptions": [ { "lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T02:55:47.014Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Local Privilege Escalation and Remote Code Execution using insecure permissions", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27152", "datePublished": "2024-06-14T02:55:47.014Z", "dateReserved": "2024-02-21T02:11:56.734Z", "dateUpdated": "2024-08-02T00:28:00.262Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27148
Vulnerability from cvelistv5
Published
2024-06-14 02:46
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Local Privilege Escalation and Remote Code Execution using insecure PATH
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27148", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:50:30.313196Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:53:18.740Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.657Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL." } ], "value": "The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-180", "descriptions": [ { "lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T02:46:20.549Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Local Privilege Escalation and Remote Code Execution using insecure PATH", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27148", "datePublished": "2024-06-14T02:46:20.549Z", "dateReserved": "2024-02-21T02:11:53.252Z", "dateUpdated": "2024-08-02T00:27:59.657Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27143
Vulnerability from cvelistv5
Published
2024-06-14 02:29
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Pre-authenticated Remote Code Execution
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27143", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:53:22.644604Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:55:02.234Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.780Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Toshiba printers use SNMP for configuration. Using the private community, it is possible to remotely execute commands as root on the remote printer. Using this vulnerability will allow any attacker to get a root access on a remote Toshiba printer. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone.\u0026nbsp;So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability.\u0026nbsp;For detail on related other vulnerabilities, please ask to the below contact point.\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.toshibatec.com/contacts/products/\"\u003ehttps://www.toshibatec.com/contacts/products/\u003c/a\u003e\u003cbr\u003eAs for the affected products/models/versions, see the reference URL." } ], "value": "Toshiba printers use SNMP for configuration. Using the private community, it is possible to remotely execute commands as root on the remote printer. Using this vulnerability will allow any attacker to get a root access on a remote Toshiba printer. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone.\u00a0So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability.\u00a0For detail on related other vulnerabilities, please ask to the below contact point.\n https://www.toshibatec.com/contacts/products/ \nAs for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-122", "descriptions": [ { "lang": "en", "value": "CAPEC-122 Privilege Abuse" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-250", "description": "CWE-250: Execution with Unnecessary Privileges", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T02:29:54.997Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Pre-authenticated Remote Code Execution", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e" } ], "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27143", "datePublished": "2024-06-14T02:29:54.997Z", "dateReserved": "2024-02-21T02:11:53.250Z", "dateUpdated": "2024-08-02T00:27:59.780Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27168
Vulnerability from cvelistv5
Published
2024-06-14 03:53
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Hardcoded keys used to generate authentication cookies
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-27168", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T18:49:02.609253Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T18:49:09.738Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.645Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "It appears that some hardcoded keys are used for authentication to internal API. Knowing these private keys may allow attackers to bypass authentication and reach administrative interfaces. As for the affected products/models/versions, see the reference URL." } ], "value": "It appears that some hardcoded keys are used for authentication to internal API. Knowing these private keys may allow attackers to bypass authentication and reach administrative interfaces. As for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-37", "descriptions": [ { "lang": "en", "value": "CAPEC-37 Retrieve Embedded Sensitive Data" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T03:53:58.804Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Hardcoded keys used to generate authentication cookies", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27168", "datePublished": "2024-06-14T03:53:58.804Z", "dateReserved": "2024-02-21T02:11:59.653Z", "dateUpdated": "2024-08-02T00:27:59.645Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27145
Vulnerability from cvelistv5
Published
2024-06-14 02:33
Modified
2024-08-02 00:27
Severity ?
EPSS score ?
Summary
Multiple Post-authenticated Remote Code Execution
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Toshiba Tec Corporation | Toshiba Tec e-Studio multi-function peripheral (MFP) |
Version: see the reference URL |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2521_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2521_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2020_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2020_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2520_nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2520_nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2021_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2021_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3025_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3025_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6525_acg:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6525_acg", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3028-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3028-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4528-ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4528-ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6528-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6528-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6526-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6526-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7527-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7527-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-6529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-6529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-7529-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-7529-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-9029-a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-9029-a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-330-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-330-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-400-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-400-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2010-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2010-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2110-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2110-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2510-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2510-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2610-ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2610-ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3015-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3015-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3115-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3115-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3515-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3515-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3615-nc:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3615-nc", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4515_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4515_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-4615_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-4615_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5015_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5015_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-5115_ac:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-5115_ac", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2518_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2518_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-2618_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-2618_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3018_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3018_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_a:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_a", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:h:toshibatec:e-studio-3118_ag:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "e-studio-3118_ag", "vendor": "toshibatec", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27145", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:52:12.924452Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:54:24.650Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:59.725Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "tags": [ "x_transferred" ], "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Toshiba Tec e-Studio multi-function peripheral (MFP)", "vendor": "Toshiba Tec Corporation", "versions": [ { "status": "affected", "version": "see the reference URL" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products." } ], "datePublic": "2024-06-14T02:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "The Toshiba printers provide several ways to upload files using the admin web interface. An attacker can remotely compromise any Toshiba printer. An attacker can overwrite any insecure files.\u0026nbsp;This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone.\u0026nbsp;So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability.\u0026nbsp;For detail on related other vulnerabilities, please ask to the below contact point.\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.toshibatec.com/contacts/products/\"\u003ehttps://www.toshibatec.com/contacts/products/\u003c/a\u003e\u003cbr\u003eAs for the affected products/models/versions, see the reference URL." } ], "value": "The Toshiba printers provide several ways to upload files using the admin web interface. An attacker can remotely compromise any Toshiba printer. An attacker can overwrite any insecure files.\u00a0This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone.\u00a0So, the CVSS score for this vulnerability alone is lower than the score listed in the \"Base Score\" of this vulnerability.\u00a0For detail on related other vulnerabilities, please ask to the below contact point.\n https://www.toshibatec.com/contacts/products/ \nAs for the affected products/models/versions, see the reference URL." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "We are not aware of any malicious exploitation by these vulnerabilities.\u003cbr\u003e" } ], "value": "We are not aware of any malicious exploitation by these vulnerabilities." } ], "impacts": [ { "capecId": "CAPEC-126", "descriptions": [ { "lang": "en", "value": "CAPEC-126 Path Traversal" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T02:33:34.694Z", "orgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "shortName": "Toshiba" }, "references": [ { "url": "https://www.toshibatec.com/information/20240531_01.html" }, { "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf" }, { "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/1" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the version released on June 14, 2024 and all later versions.\u003cbr\u003e" } ], "value": "This issue is fixed in the version released on June 14, 2024 and all later versions." } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-06-14T02:00:00.000Z", "value": "Fixes will be released" } ], "title": "Multiple Post-authenticated Remote Code Execution", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.\u003cbr\u003e" } ], "value": "When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ecc0f906-8666-484c-bcf8-c3b7520a72f0", "assignerShortName": "Toshiba", "cveId": "CVE-2024-27145", "datePublished": "2024-06-14T02:33:34.694Z", "dateReserved": "2024-02-21T02:11:53.251Z", "dateUpdated": "2024-08-02T00:27:59.725Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.