mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
68 lines
2.3 KiB
JSON
68 lines
2.3 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "ics-cert@hq.dhs.gov",
|
|
"DATE_PUBLIC": "2018-09-28T00:00:00",
|
|
"ID": "CVE-2018-17896",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "STARDOM Controllers FCJ,FCN-100,FCN-RTU, FCN-500",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "All versions prior to version X.X"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "Yokogawa"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The affected controllers utilize hard-coded credentials which may allow an attacker gain unauthorized access to the maintenance functions and obtain or modify information. This attack can be executed only during maintenance work."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "USE OF HARD-CODED CREDENTIALS CWE-798"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "https://web-material3.yokogawa.com/YSAR-18-0007-E.pdf",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://web-material3.yokogawa.com/YSAR-18-0007-E.pdf"
|
|
},
|
|
{
|
|
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-151-03",
|
|
"refsource": "MISC",
|
|
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-151-03"
|
|
}
|
|
]
|
|
}
|
|
} |