nvd-json-data-feeds/CVE-2024/CVE-2024-470xx/CVE-2024-47005.json

{
  "id": "CVE-2024-47005",
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "published": "2024-10-25T07:15:04.063",
  "lastModified": "2024-10-25T12:56:07.750",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Sharp and Toshiba Tec MFPs provide configuration related APIs. They are expected to be called by administrative users only, but insufficiently restricted.\r\nA non-administrative user may execute some configuration APIs."
    },
    {
      "lang": "es",
      "value": "Las impresoras multifunci\u00f3n Sharp y Toshiba Tec ofrecen API relacionadas con la configuraci\u00f3n. Se espera que solo los usuarios administrativos puedan llamarlas, pero no est\u00e1n lo suficientemente restringidas. Un usuario no administrativo puede ejecutar algunas API de configuraci\u00f3n."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "vultures@jpcert.or.jp",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "NONE",
          "baseScore": 8.1,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.2
      }
    ]
  },
  "weaknesses": [
    {
      "source": "vultures@jpcert.or.jp",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-749"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://global.sharp/products/copier/info/info_security_2024-10.html",
      "source": "vultures@jpcert.or.jp"
    },
    {
      "url": "https://jvn.jp/en/vu/JVNVU95063136/",
      "source": "vultures@jpcert.or.jp"
    },
    {
      "url": "https://www.toshibatec.com/information/20241025_01.html",
      "source": "vultures@jpcert.or.jp"
    }
  ]
}
Auto-Update: 2024-10-25T08:00:48.119807+00:00 2024-10-25 08:03:48 +00:00			`{`
			`"id": "CVE-2024-47005",`
			`"sourceIdentifier": "vultures@jpcert.or.jp",`
			`"published": "2024-10-25T07:15:04.063",`
Auto-Update: 2024-10-25T14:00:49.744998+00:00 2024-10-25 14:03:50 +00:00			`"lastModified": "2024-10-25T12:56:07.750",`
			`"vulnStatus": "Awaiting Analysis",`
Auto-Update: 2024-10-25T08:00:48.119807+00:00 2024-10-25 08:03:48 +00:00			`"cveTags": [],`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "Sharp and Toshiba Tec MFPs provide configuration related APIs. They are expected to be called by administrative users only, but insufficiently restricted.\r\nA non-administrative user may execute some configuration APIs."`
Auto-Update: 2024-10-25T14:00:49.744998+00:00 2024-10-25 14:03:50 +00:00			`},`
			`{`
			`"lang": "es",`
			`"value": "Las impresoras multifunci\u00f3n Sharp y Toshiba Tec ofrecen API relacionadas con la configuraci\u00f3n. Se espera que solo los usuarios administrativos puedan llamarlas, pero no est\u00e1n lo suficientemente restringidas. Un usuario no administrativo puede ejecutar algunas API de configuraci\u00f3n."`
Auto-Update: 2024-10-25T08:00:48.119807+00:00 2024-10-25 08:03:48 +00:00			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
			`"source": "vultures@jpcert.or.jp",`
			`"type": "Secondary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",`
			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "LOW",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
			`"availabilityImpact": "NONE",`
			`"baseScore": 8.1,`
			`"baseSeverity": "HIGH"`
			`},`
			`"exploitabilityScore": 2.8,`
			`"impactScore": 5.2`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "vultures@jpcert.or.jp",`
			`"type": "Secondary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-749"`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
Auto-Update: 2024-10-25T10:01:05.766132+00:00 2024-10-25 10:04:05 +00:00			`"url": "https://global.sharp/products/copier/info/info_security_2024-10.html",`
Auto-Update: 2024-10-25T08:00:48.119807+00:00 2024-10-25 08:03:48 +00:00			`"source": "vultures@jpcert.or.jp"`
			`},`
			`{`
			`"url": "https://jvn.jp/en/vu/JVNVU95063136/",`
			`"source": "vultures@jpcert.or.jp"`
			`},`
			`{`
			`"url": "https://www.toshibatec.com/information/20241025_01.html",`
			`"source": "vultures@jpcert.or.jp"`
			`}`
			`]`
			`}`