mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
72 lines
3.1 KiB
JSON
72 lines
3.1 KiB
JSON
{
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"data_version": "4.0",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2023-23545",
|
|
"ASSIGNER": "vultures@jpcert.or.jp",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "T&D Corporation and ESPEC MIC CORP.",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "T&D Corporation and ESPEC MIC CORP. data logger products",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "T&D Corporation data logger products (TR-71W/72W all firmware versions, RTR-5W all firmware versions, WDR-7 all firmware versions, WDR-3 all firmware versions, and WS-2 all firmware versions), ESPEC MIC CORP. data logger products (RT-12N/RS-12N all firmware versions, RT-22BN all firmware versions, and TEU-12N all firmware versions)"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Missing authentication for critical function"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://www.tandd.com/news/detail.html?id=780",
|
|
"refsource": "MISC",
|
|
"name": "https://www.tandd.com/news/detail.html?id=780"
|
|
},
|
|
{
|
|
"url": "https://www.monitoring.especmic.co.jp/post/VulnerabilityInRT-12N_RS-12N_RT-22BNandTEU-12N",
|
|
"refsource": "MISC",
|
|
"name": "https://www.monitoring.especmic.co.jp/post/VulnerabilityInRT-12N_RS-12N_RT-22BNandTEU-12N"
|
|
},
|
|
{
|
|
"url": "https://jvn.jp/en/jp/JVN14778242/",
|
|
"refsource": "MISC",
|
|
"name": "https://jvn.jp/en/jp/JVN14778242/"
|
|
}
|
|
]
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Missing authentication for critical function exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may allow a remote unauthenticated attacker to alter the product settings without authentication. Affected products and versions are as follows: T&D Corporation data logger products (TR-71W/72W all firmware versions, RTR-5W all firmware versions, WDR-7 all firmware versions, WDR-3 all firmware versions, and WS-2 all firmware versions), and ESPEC MIC CORP. data logger products (RT-12N/RS-12N all firmware versions, RT-22BN all firmware versions, and TEU-12N all firmware versions)."
|
|
}
|
|
]
|
|
}
|
|
} |