"FFRI yarai", "FFRI yarai Home and Business Edition" and their OEM products handle exceptional conditions improperly, which may lead to denial-of-service (DoS) condition.
Affected products and versions are as follows: FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0, FFRI yarai Home and Business Edition version 1.4.0, InfoTrace Mark II Malware Protection (Mark II Zerona) versions 3.0.1 to 3.2.2, Zerona / Zerona PLUS versions 3.2.32 to 3.2.36, ActSecure ? versions 3.4.0 to 3.4.6 and 3.5.0, Dual Safe Powered by FFRI yarai version 1.4.1, EDR Plus Pack (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0), and EDR Plus Pack Cloud (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0).
References
| Link | Resource |
|---|---|
| https://jvn.jp/en/jp/JVN42527152/ | Third Party Advisory |
| https://www.ffri.jp/security-info/index.htm | Vendor Advisory |
| https://www.skyseaclientview.net/news/230807_01/ | Third Party Advisory |
| https://www.soliton.co.jp/support/zerona_notice_2023.html | Third Party Advisory |
| https://www.sourcenext.com/support/i/2023/230718_01 | Third Party Advisory |
| https://www.support.nec.co.jp/View.aspx?id=3140109240 | Permissions Required |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
22 Aug 2023, 22:14
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:soliton:zerona:*:*:*:*:*:*:*:* cpe:2.3:a:soliton:zerona_plus:*:*:*:*:*:*:*:* cpe:2.3:a:ffri:ffri_yarai:*:*:*:*:-:*:*:* cpe:2.3:a:ffri:ffri_yarai:3.5.0:*:*:*:-:*:*:* cpe:2.3:a:ffri:ffri_yarai:1.4.0:*:*:*:home_and_business:*:*:* cpe:2.3:a:ffri:dual_safe:1.4.1:*:*:*:*:*:*:* cpe:2.3:a:nec:actsecure_x_managed_security_service:*:*:*:*:*:*:*:* cpe:2.3:a:nec:actsecure_x_managed_security_service:3.5.0:*:*:*:*:*:*:* cpe:2.3:a:skygroup:edr_plus_pack:*:*:*:*:*:*:*:* cpe:2.3:a:skygroup:edr_plus_pack_cloud:*:*:*:*:*:*:*:* cpe:2.3:a:soliton:infotrace_mark_ii_malware_protection:*:*:*:*:*:*:*:* cpe:2.3:a:skygroup:edr_plus_pack_cloud:3.5.0:*:*:*:*:*:*:* cpe:2.3:a:skygroup:edr_plus_pack:3.5.0:*:*:*:*:*:*:* |
|
| First Time |
Soliton zerona Plus
Skygroup Skygroup edr Plus Pack Soliton Soliton zerona Ffri dual Safe Skygroup edr Plus Pack Cloud Soliton infotrace Mark Ii Malware Protection Nec actsecure X Managed Security Service Ffri ffri Yarai Nec Ffri |
|
| CWE | CWE-755 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 3.3 |
| References | (MISC) https://www.support.nec.co.jp/View.aspx?id=3140109240 - Permissions Required | |
| References | (MISC) https://www.skyseaclientview.net/news/230807_01/ - Third Party Advisory | |
| References | (MISC) https://www.sourcenext.com/support/i/2023/230718_01 - Third Party Advisory | |
| References | (MISC) https://www.ffri.jp/security-info/index.htm - Vendor Advisory | |
| References | (MISC) https://www.soliton.co.jp/support/zerona_notice_2023.html - Third Party Advisory | |
| References | (MISC) https://jvn.jp/en/jp/JVN42527152/ - Third Party Advisory |
09 Aug 2023, 03:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-08-09 03:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-39341
Mitre link : CVE-2023-39341
CVE.ORG link : CVE-2023-39341
JSON object : View
Products Affected
soliton
- zerona_plus
- infotrace_mark_ii_malware_protection
- zerona
ffri
- ffri_yarai
- dual_safe
skygroup
- edr_plus_pack_cloud
- edr_plus_pack
nec
- actsecure_x_managed_security_service
CWE
CWE-755
Improper Handling of Exceptional Conditions