Lucene search

[email protected]CVE-2023-38433

HistoryJul 26, 2023 - 8:15 a.m.

CVE-2023-38433

2023-07-2608:15:10

CWE-798

[email protected]

web.nvd.nist.gov

cve-2023-38433

fujitsu

real-time video transmission gear

ip series

hard-coded credentials

vulnerability

nvd

security

firmware

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.9%

JSON

Fujitsu Real-time Video Transmission Gear “IP series” use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions V01L001 to V01L053, IP-HE950D firmware versions V01L001 to V01L053, IP-HE900E firmware versions V01L001 to V01L010, IP-HE900D firmware versions V01L001 to V01L004, IP-900E / IP-920E firmware versions V01L001 to V02L061, IP-900D / IP-900ⅡD / IP-920D firmware versions V01L001 to V02L061, IP-90 firmware versions V01L001 to V01L013, and IP-9610 firmware versions V01L001 to V02L007.

Affected configurations

NVD

Node

fujitsuip-he950e_firmwareRangev01l001–v01l053

AND

fujitsuip-he950eMatch-

Node

fujitsuip-he950d_firmwareRangev01l001–v01l053

AND

fujitsuip-he950dMatch-

Node

fujitsuip-he900e_firmwareRangev01l001–v01l010

AND

fujitsuip-he900eMatch-

Node

fujitsuip-he900d_firmwareRangev01l001–v01l004

AND

fujitsuip-he900dMatch-

Node

fujitsuip-900e_firmwareRangev01l001–v02l061

AND

fujitsuip-900eMatch-

Node

fujitsuip-920e_firmwareRangev01l001–v02l061

AND

fujitsuip-920eMatch-

Node

fujitsuip-900d_firmwareRangev01l001–v02l061

AND

fujitsuip-900dMatch-

Node

fujitsuip-900iid_firmwareRangev01l001–v02l061

AND

fujitsuip-900iidMatch-

Node

fujitsuip-920d_firmwareRangev01l001–v02l061

AND

fujitsuip-920dMatch-

Node

fujitsuip-90_firmwareRangev01l001–v01l013

AND

fujitsuip-90Match-

Node

fujitsuip-9610_firmwareRangev01l001–v02l007

AND

fujitsuip-9610Match-

CPENameOperatorVersion
fujitsu:ip-he950e_firmwarefujitsu ip-he950e firmwarelev01l053

CPE	Name	Operator	Version
fujitsu:ip-he950e_firmware	fujitsu ip-he950e firmware	le	v01l053

CNA Affected

[
  {
    "vendor": "Fujitsu Limited ",
    "product": "IP-HE950E",
    "versions": [
      {
        "version": "firmware versions V01L001 to V01L053",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fujitsu Limited ",
    "product": "IP-HE950D",
    "versions": [
      {
        "version": "firmware versions V01L001 to V01L053",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fujitsu Limited ",
    "product": "IP-HE900E",
    "versions": [
      {
        "version": "firmware versions V01L001 to V01L010",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fujitsu Limited ",
    "product": "IP-HE900D",
    "versions": [
      {
        "version": "firmware versions V01L001 to V01L004",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fujitsu Limited ",
    "product": "IP-900E / IP-920E",
    "versions": [
      {
        "version": "firmware versions V01L001 to V02L061",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fujitsu Limited ",
    "product": "IP-900D / IP-900ⅡD / IP-920D",
    "versions": [
      {
        "version": "firmware versions V01L001 to V02L061",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fujitsu Limited ",
    "product": "IP-90",
    "versions": [
      {
        "version": "firmware versions V01L001 to V01L013",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fujitsu Limited ",
    "product": "IP-9610",
    "versions": [
      {
        "version": "firmware versions V01L001 to V02L007",
        "status": "affected"
      }
    ]
  }
]