Lucene search

IcscertCVE-2019-10948

HistoryApr 30, 2019 - 5:29 p.m.

CVE-2019-10948

2019-04-3017:29:00

CWE-400

icscert

web.nvd.nist.gov

fujifilm

fcr

capsula x

carbon x

fcr xc-2

cr-ir 357

fcr carbon x

cr-ir 357

fcr xc-2

fcr-ir 357

denial-of-service

tcp

overflow

vulnerability

nvd

cve-2019-10948

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

41.4%

JSON

Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 FCR Carbon X, CR-IR 357 FCR XC-2, FCR-IR 357 FCR Capsula X are susceptible to a denial-of-service condition as a result of an overflow of TCP packets, which requires the device to be manually rebooted.

Affected configurations

Nvd

Node

fujifilmcr-ir_357_fcr_carbon_x_firmwareMatch-

AND

fujifilmcr-ir_357_fcr_carbon_xMatch-

Node

fujifilmcr-ir_357_fcr_xc-2_firmwareMatch-

AND

fujifilmcr-ir_357_fcr_xc-2Match-

Node

fujifilmcr-ir_357_fcr_capsula_x_firmwareMatch-

AND

fujifilmcr-ir_357_fcr_capsula_xMatch-

VendorProductVersionCPE
fujifilmcr-ir_357_fcr_carbon_x_firmware-cpe:2.3:o:fujifilm:cr-ir_357_fcr_carbon_x_firmware:-:*:*:*:*:*:*:*
fujifilmcr-ir_357_fcr_carbon_x-cpe:2.3:h:fujifilm:cr-ir_357_fcr_carbon_x:-:*:*:*:*:*:*:*
fujifilmcr-ir_357_fcr_xc-2_firmware-cpe:2.3:o:fujifilm:cr-ir_357_fcr_xc-2_firmware:-:*:*:*:*:*:*:*
fujifilmcr-ir_357_fcr_xc-2-cpe:2.3:h:fujifilm:cr-ir_357_fcr_xc-2:-:*:*:*:*:*:*:*
fujifilmcr-ir_357_fcr_capsula_x_firmware-cpe:2.3:o:fujifilm:cr-ir_357_fcr_capsula_x_firmware:-:*:*:*:*:*:*:*
fujifilmcr-ir_357_fcr_capsula_x-cpe:2.3:h:fujifilm:cr-ir_357_fcr_capsula_x:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
fujifilm	cr-ir_357_fcr_carbon_x_firmware	-	cpe:2.3:o:fujifilm:cr-ir_357_fcr_carbon_x_firmware:-:::::::*
fujifilm	cr-ir_357_fcr_carbon_x	-	cpe:2.3:h:fujifilm:cr-ir_357_fcr_carbon_x:-:::::::*
fujifilm	cr-ir_357_fcr_xc-2_firmware	-	cpe:2.3:o:fujifilm:cr-ir_357_fcr_xc-2_firmware:-:::::::*
fujifilm	cr-ir_357_fcr_xc-2	-	cpe:2.3:h:fujifilm:cr-ir_357_fcr_xc-2:-:::::::*
fujifilm	cr-ir_357_fcr_capsula_x_firmware	-	cpe:2.3:o:fujifilm:cr-ir_357_fcr_capsula_x_firmware:-:::::::*
fujifilm	cr-ir_357_fcr_capsula_x	-	cpe:2.3:h:fujifilm:cr-ir_357_fcr_capsula_x:-:::::::*

CNA Affected

[
  {
    "product": "Fujifilm FCR Capsula X/ Carbon X",
    "vendor": "Fujifilm",
    "versions": [
      {
        "status": "affected",
        "version": "CR-IR 357 FCR Carbon X"
      },
      {
        "status": "affected",
        "version": "CR-IR 357 FCR XC-2"
      },
      {
        "status": "affected",
        "version": "FCR-IR 357 FCR Capsula X"
      }
    ]
  }
]

References

ics-cert.us-cert.gov/advisories/ICSMA-19-113-01

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

41.4%

JSON

Related for CVE-2019-10948