Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions V01L001 to V01L053, IP-HE950D firmware versions V01L001 to V01L053, IP-HE900E firmware versions V01L001 to V01L010, IP-HE900D firmware versions V01L001 to V01L004, IP-900E / IP-920E firmware versions V01L001 to V02L061, IP-900D / IP-900?D / IP-920D firmware versions V01L001 to V02L061, IP-90 firmware versions V01L001 to V01L013, and IP-9610 firmware versions V01L001 to V02L007.
References
Link | Resource |
---|---|
https://jvn.jp/en/jp/JVN95727578/ | Third Party Advisory |
https://www.fujitsu.com/global/products/computing/peripheral/video/download/ | Product |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
History
03 Aug 2023, 15:03
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-798 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
References | (MISC) https://www.fujitsu.com/global/products/computing/peripheral/video/download/ - Product | |
References | (MISC) https://jvn.jp/en/jp/JVN95727578/ - Third Party Advisory | |
CPE | cpe:2.3:o:fujitsu:ip-he900d_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:fujitsu:ip-900d:-:*:*:*:*:*:*:* cpe:2.3:o:fujitsu:ip-he950e_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:fujitsu:ip-he900d:-:*:*:*:*:*:*:* cpe:2.3:h:fujitsu:ip-9610:-:*:*:*:*:*:*:* cpe:2.3:o:fujitsu:ip-920d_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:fujitsu:ip-900iid:-:*:*:*:*:*:*:* cpe:2.3:o:fujitsu:ip-9610_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:fujitsu:ip-he900e_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:fujitsu:ip-900e_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:fujitsu:ip-he900e:-:*:*:*:*:*:*:* cpe:2.3:o:fujitsu:ip-900iid_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:fujitsu:ip-900d_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:fujitsu:ip-he950e:-:*:*:*:*:*:*:* cpe:2.3:h:fujitsu:ip-920d:-:*:*:*:*:*:*:* cpe:2.3:o:fujitsu:ip-920e_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:fujitsu:ip-he950d:-:*:*:*:*:*:*:* cpe:2.3:h:fujitsu:ip-920e:-:*:*:*:*:*:*:* cpe:2.3:o:fujitsu:ip-he950d_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:fujitsu:ip-90:-:*:*:*:*:*:*:* cpe:2.3:o:fujitsu:ip-90_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:fujitsu:ip-900e:-:*:*:*:*:*:*:* |
|
First Time |
Fujitsu ip-he950e Firmware
Fujitsu ip-he950d Fujitsu ip-900e Fujitsu Fujitsu ip-920d Fujitsu ip-he900e Fujitsu ip-90 Firmware Fujitsu ip-900iid Fujitsu ip-he900d Firmware Fujitsu ip-900iid Firmware Fujitsu ip-90 Fujitsu ip-he900e Firmware Fujitsu ip-he950e Fujitsu ip-900e Firmware Fujitsu ip-900d Fujitsu ip-920e Fujitsu ip-9610 Firmware Fujitsu ip-920e Firmware Fujitsu ip-900d Firmware Fujitsu ip-9610 Fujitsu ip-he900d Fujitsu ip-he950d Firmware Fujitsu ip-920d Firmware |
26 Jul 2023, 08:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-26 08:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-38433
Mitre link : CVE-2023-38433
CVE.ORG link : CVE-2023-38433
JSON object : View
Products Affected
fujitsu
- ip-90
- ip-he900d_firmware
- ip-900iid
- ip-900iid_firmware
- ip-he900e
- ip-920d_firmware
- ip-900d_firmware
- ip-he950e
- ip-920d
- ip-he950e_firmware
- ip-900d
- ip-he900d
- ip-90_firmware
- ip-he950d_firmware
- ip-920e
- ip-9610
- ip-he900e_firmware
- ip-920e_firmware
- ip-900e
- ip-he950d
- ip-900e_firmware
- ip-9610_firmware
CWE
CWE-798
Use of Hard-coded Credentials