cvelist/2022/23xxx/CVE-2022-23401.json

{
    "data_type": "CVE",
    "data_format": "MITRE",
    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2022-23401",
        "ASSIGNER": "vultures@jpcert.or.jp",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "Yokogawa Electric Corporation",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "CENTUM CS 3000",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "versions from R3.08.10 to R3.09.00"
                                        }
                                    ]
                                }
                            },
                            {
                                "product_name": "CENTUM VP",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "versions from R4.01.00 to R4.03.00"
                                        },
                                        {
                                            "version_value": "versions from R5.01.00 to R5.04.20"
                                        },
                                        {
                                            "version_value": "versions from R6.01.00 to R6.08.00"
                                        }
                                    ]
                                }
                            },
                            {
                                "product_name": "Exaopc",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "versions from R3.72.00 to R3.79.00"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-427: Uncontrolled Search Path Element"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "refsource": "CONFIRM",
                "url": "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf",
                "name": "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf"
            }
        ]
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "The following Yokogawa Electric products contain insecure DLL loading issues. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00."
            }
        ]
    }
}
"-Synchronized-Data." 2022-02-03 05:01:06 +00:00			`{`
			`"data_type": "CVE",`
			`"data_format": "MITRE",`
			`"data_version": "4.0",`
			`"CVE_data_meta": {`
			`"ID": "CVE-2022-23401",`
JPCERT/CC: 10CVEs for YSAR-22-0001. 2022-03-11 18:01:36 +09:00			`"ASSIGNER": "vultures@jpcert.or.jp",`
			`"STATE": "PUBLIC"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "Yokogawa Electric Corporation",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "CENTUM CS 3000",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "versions from R3.08.10 to R3.09.00"`
			`}`
			`]`
			`}`
			`},`
			`{`
			`"product_name": "CENTUM VP",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "versions from R4.01.00 to R4.03.00"`
			`},`
			`{`
			`"version_value": "versions from R5.01.00 to R5.04.20"`
			`},`
			`{`
			`"version_value": "versions from R6.01.00 to R6.08.00"`
			`}`
			`]`
			`}`
			`},`
			`{`
			`"product_name": "Exaopc",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "versions from R3.72.00 to R3.79.00"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "CWE-427: Uncontrolled Search Path Element"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"refsource": "CONFIRM",`
			`"url": "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf",`
			`"name": "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf"`
			`}`
			`]`
"-Synchronized-Data." 2022-02-03 05:01:06 +00:00			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
JPCERT/CC: 10CVEs for YSAR-22-0001. 2022-03-11 18:01:36 +09:00			`"value": "The following Yokogawa Electric products contain insecure DLL loading issues. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00."`
"-Synchronized-Data." 2022-02-03 05:01:06 +00:00			`}`
			`]`
			`}`
JPCERT/CC: 10CVEs for YSAR-22-0001. 2022-03-11 18:01:36 +09:00			`}`