Vulnerabilities > Fujitsu
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-19 | CVE-2023-4093 | Cross-site Scripting vulnerability in Fujitsu Arconte Aurea 1.5.0.0 Reflected and persistent XSS vulnerability in Arconte Áurea, in its 1.5.0.0 version. | 6.1 |
2023-09-19 | CVE-2023-4094 | Improper Authentication vulnerability in Fujitsu Arconte Aurea 1.5.0.0 ARCONTE Aurea's authentication system, in its 1.5.0.0 version, could allow an attacker to make incorrect access requests in order to block each legitimate account and cause a denial of service. | 8.2 |
2023-09-19 | CVE-2023-4095 | Information Exposure Through Discrepancy vulnerability in Fujitsu Arconte Aurea 1.5.0.0 User enumeration vulnerability in Arconte Áurea 1.5.0.0 version. | 5.3 |
2023-09-19 | CVE-2023-4096 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Fujitsu Arconte Aurea 1.5.0.0 Weak password recovery mechanism vulnerability in Fujitsu Arconte Áurea version 1.5.0.0, which exploitation could allow an attacker to perform a brute force attack on the emailed PIN number in order to change the password of a legitimate user. | 8.2 |
2023-09-19 | CVE-2023-4092 | SQL Injection vulnerability in Fujitsu Arconte Aurea 1.5.0.0 SQL injection vulnerability in Arconte Áurea, in its 1.5.0.0 version. | 9.8 |
2023-08-07 | CVE-2023-39903 | Cleartext Storage of Sensitive Information vulnerability in Fujitsu Software Infrastructure Manager An issue was discovered in Fujitsu Software Infrastructure Manager (ISM) before 2.8.0.061. | 5.0 |
2023-08-04 | CVE-2023-39379 | Cleartext Storage of Sensitive Information vulnerability in Fujitsu Software Infrastructure Manager 2.8.0.060 Fujitsu Software Infrastructure Manager (ISM) stores sensitive information at the product's maintenance data (ismsnap) in cleartext form. | 7.5 |
2023-07-26 | CVE-2023-38433 | Use of Hard-coded Credentials vulnerability in Fujitsu products Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. | 7.5 |
2023-07-26 | CVE-2023-38555 | Improper Authentication vulnerability in Fujitsu products Authentication bypass vulnerability in Fujitsu network devices Si-R series and SR-M series allows a network-adjacent unauthenticated attacker to obtain, change, and/or reset configuration settings of the affected products. | 8.8 |
2023-02-15 | CVE-2023-22377 | XXE vulnerability in Fujitsu products Improper restriction of XML external entity reference (XXE) vulnerability exists in tsClinical Define.xml Generator all versions (v1.0.0 to v1.4.0) and tsClinical Metadata Desktop Tools Version 1.0.3 to Version 1.1.0. | 7.4 |