Vulnerabilities > Fujitsu

DATE CVE VULNERABILITY TITLE RISK
2023-07-26 CVE-2023-38555 Improper Authentication vulnerability in Fujitsu products
Authentication bypass vulnerability in Fujitsu network devices Si-R series and SR-M series allows a network-adjacent unauthenticated attacker to obtain, change, and/or reset configuration settings of the affected products.
low complexity
fujitsu CWE-287
8.8
2023-02-15 CVE-2023-22377 XXE vulnerability in Fujitsu products
Improper restriction of XML external entity reference (XXE) vulnerability exists in tsClinical Define.xml Generator all versions (v1.0.0 to v1.4.0) and tsClinical Metadata Desktop Tools Version 1.0.3 to Version 1.1.0.
network
high complexity
fujitsu CWE-611
7.4
2022-06-20 CVE-2022-31794 OS Command Injection vulnerability in Fujitsu Eternus Cs8000 Firmware 8.1
An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04.
network
low complexity
fujitsu CWE-78
critical
9.8
2022-06-20 CVE-2022-31795 OS Command Injection vulnerability in Fujitsu Eternus Cs8000 Firmware 8.1
An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04.
network
low complexity
fujitsu CWE-78
critical
9.8
2022-05-18 CVE-2022-29516 OS Command Injection vulnerability in Fujitsu products
The web console of FUJITSU Network IPCOM series (IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100, 3200, 3500), IPCOM EX2 SC(1100, 3200, 3500), IPCOM EX2 NW(1100, 3200, 3500), IPCOM EX2 DC, IPCOM EX2 DC, IPCOM EX IN(2300, 2500, 2700), IPCOM EX LB(1100, 1300, 2300, 2500, 2700), IPCOM EX SC(1100, 1300, 2300, 2500, 2700), and IPCOM EX NW(1100, 1300, 2300, 2500, 2700)) allows a remote attacker to execute an arbitrary OS command via unspecified vectors.
network
low complexity
fujitsu CWE-78
critical
9.8
2022-05-04 CVE-2022-28806 Out-of-bounds Write vulnerability in Fujitsu products
An issue was discovered on certain Fujitsu LIEFBOOK devices (A3510, U9310, U7511/U7411/U7311, U9311, E5510/E5410, U7510/U7410/U7310, E459/E449) with BIOS versions before v1.09 (A3510), v2.17 (U9310), v2.30 (U7511/U7411/U7311), v2.33 (U9311), v2.23 (E5510), v2.19 (U7510/U7410), v2.13 (U7310), and v1.09 (E459/E449).
local
low complexity
fujitsu CWE-787
7.8
2022-04-11 CVE-2022-27089 Unquoted Search Path or Element vulnerability in Fujitsu Plugfree Network 7.3.0.3
In Fujitsu PlugFree Network <= 7.3.0.3, an Unquoted service path in PFNService.exe software allows a local attacker to potentially escalate privileges to system level.
local
low complexity
fujitsu CWE-428
7.8
2021-05-24 CVE-2021-20722 Uncontrolled Search Path Element vulnerability in Fujitsu Scansnap Manager
Untrusted search path vulnerability in the installers of ScanSnap Manager prior to versions V7.0L20 and the Software Download Installer prior to WinSSInst2JP.exe and WinSSInst2iX1500JP.exe allows an attacker to gain privileges and execute arbitrary code with the privilege of the user invoking the installer via a Trojan horse DLL in an unspecified directory.
local
low complexity
fujitsu CWE-427
7.8
2021-03-17 CVE-2020-17457 Cross-site Scripting vulnerability in Fujitsu Serverview Remote Management 9.62
Fujitsu ServerView Suite iRMC before 9.62F allows XSS.
network
low complexity
fujitsu CWE-79
5.4
2021-02-16 CVE-2021-23840 Integer Overflow or Wraparound vulnerability in multiple products
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform.
7.5