Search
Find a vulnerability
Search criteria
4 vulnerabilities found for STARDOM Controller by Yokogawa Electric Corporation
CVE-2022-30997 (GCVE-0-2022-30997)
Vulnerability from nvd – Published: 2022-06-28 10:06 – Updated: 2024-08-03 07:03
VLAI
Summary
Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware.
Severity
6.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Use of Hard-coded Credentials
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://web-material3.yokogawa.com/1/32885/files/… | x_refsource_MISC |
| https://web-material3.yokogawa.com/19/32885/files… | x_refsource_MISC |
| https://jvn.jp/vu/JVNVU95452299/index.html | x_refsource_MISC |
| https://www.cisa.gov/uscert/ics/advisories/icsa-2… | x_refsource_MISC |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Yokogawa Electric Corporation | STARDOM Controller |
Affected:
STARDOM FCN Controller and FCJ Controller R4.10 to R4.31
|
|
| yokogawa | stardom_fcj_firmware |
Affected:
r4.10 , ≤ r4.31
(custom)
cpe:2.3:o:yokogawa:stardom_fcj_firmware:r4.10:*:*:*:*:*:*:* |
|
| yokogawa | stardom_fcn_firmware |
Affected:
r4.10 , ≤ r4.31
(custom)
cpe:2.3:o:yokogawa:stardom_fcn_firmware:r4.10:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:yokogawa:stardom_fcj_firmware:r4.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "stardom_fcj_firmware",
"vendor": "yokogawa",
"versions": [
{
"lessThanOrEqual": "r4.31",
"status": "affected",
"version": "r4.10",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:yokogawa:stardom_fcn_firmware:r4.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "stardom_fcn_firmware",
"vendor": "yokogawa",
"versions": [
{
"lessThanOrEqual": "r4.31",
"status": "affected",
"version": "r4.10",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-30997",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-26T19:56:59.327177Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-26T20:01:46.457Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:03:40.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "STARDOM Controller",
"vendor": "Yokogawa Electric Corporation",
"versions": [
{
"status": "affected",
"version": "STARDOM FCN Controller and FCJ Controller R4.10 to R4.31"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use of Hard-coded Credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-28T10:06:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-30997",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "STARDOM Controller",
"version": {
"version_data": [
{
"version_value": "STARDOM FCN Controller and FCJ Controller R4.10 to R4.31"
}
]
}
}
]
},
"vendor_name": "Yokogawa Electric Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of Hard-coded Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf",
"refsource": "MISC",
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"name": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf",
"refsource": "MISC",
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"name": "https://jvn.jp/vu/JVNVU95452299/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-30997",
"datePublished": "2022-06-28T10:06:01.000Z",
"dateReserved": "2022-05-31T00:00:00.000Z",
"dateUpdated": "2024-08-03T07:03:40.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-29519 (GCVE-0-2022-29519)
Vulnerability from nvd – Published: 2022-06-28 10:05 – Updated: 2024-08-03 06:26
VLAI
Summary
Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware.
Severity
No CVSS data available.
CWE
- Cleartext Transmission of Sensitive Information
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://web-material3.yokogawa.com/1/32885/files/… | x_refsource_MISC |
| https://web-material3.yokogawa.com/19/32885/files… | x_refsource_MISC |
| https://jvn.jp/vu/JVNVU95452299/index.html | x_refsource_MISC |
| https://www.cisa.gov/uscert/ics/advisories/icsa-2… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Yokogawa Electric Corporation | STARDOM Controller |
Affected:
STARDOM FCN Controller and FCJ Controller R1.01 to R4.31
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:26:05.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "STARDOM Controller",
"vendor": "Yokogawa Electric Corporation",
"versions": [
{
"status": "affected",
"version": "STARDOM FCN Controller and FCJ Controller R1.01 to R4.31"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-28T10:05:31.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-29519",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "STARDOM Controller",
"version": {
"version_data": [
{
"version_value": "STARDOM FCN Controller and FCJ Controller R1.01 to R4.31"
}
]
}
}
]
},
"vendor_name": "Yokogawa Electric Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cleartext Transmission of Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf",
"refsource": "MISC",
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"name": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf",
"refsource": "MISC",
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"name": "https://jvn.jp/vu/JVNVU95452299/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-29519",
"datePublished": "2022-06-28T10:05:31.000Z",
"dateReserved": "2022-05-31T00:00:00.000Z",
"dateUpdated": "2024-08-03T06:26:05.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-30997 (GCVE-0-2022-30997)
Vulnerability from cvelistv5 – Published: 2022-06-28 10:06 – Updated: 2024-08-03 07:03
VLAI
Summary
Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware.
Severity
6.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Use of Hard-coded Credentials
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://web-material3.yokogawa.com/1/32885/files/… | x_refsource_MISC |
| https://web-material3.yokogawa.com/19/32885/files… | x_refsource_MISC |
| https://jvn.jp/vu/JVNVU95452299/index.html | x_refsource_MISC |
| https://www.cisa.gov/uscert/ics/advisories/icsa-2… | x_refsource_MISC |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Yokogawa Electric Corporation | STARDOM Controller |
Affected:
STARDOM FCN Controller and FCJ Controller R4.10 to R4.31
|
|
| yokogawa | stardom_fcj_firmware |
Affected:
r4.10 , ≤ r4.31
(custom)
cpe:2.3:o:yokogawa:stardom_fcj_firmware:r4.10:*:*:*:*:*:*:* |
|
| yokogawa | stardom_fcn_firmware |
Affected:
r4.10 , ≤ r4.31
(custom)
cpe:2.3:o:yokogawa:stardom_fcn_firmware:r4.10:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:yokogawa:stardom_fcj_firmware:r4.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "stardom_fcj_firmware",
"vendor": "yokogawa",
"versions": [
{
"lessThanOrEqual": "r4.31",
"status": "affected",
"version": "r4.10",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:yokogawa:stardom_fcn_firmware:r4.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "stardom_fcn_firmware",
"vendor": "yokogawa",
"versions": [
{
"lessThanOrEqual": "r4.31",
"status": "affected",
"version": "r4.10",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-30997",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-26T19:56:59.327177Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-26T20:01:46.457Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:03:40.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "STARDOM Controller",
"vendor": "Yokogawa Electric Corporation",
"versions": [
{
"status": "affected",
"version": "STARDOM FCN Controller and FCJ Controller R4.10 to R4.31"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use of Hard-coded Credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-28T10:06:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-30997",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "STARDOM Controller",
"version": {
"version_data": [
{
"version_value": "STARDOM FCN Controller and FCJ Controller R4.10 to R4.31"
}
]
}
}
]
},
"vendor_name": "Yokogawa Electric Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of Hard-coded Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf",
"refsource": "MISC",
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"name": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf",
"refsource": "MISC",
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"name": "https://jvn.jp/vu/JVNVU95452299/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-30997",
"datePublished": "2022-06-28T10:06:01.000Z",
"dateReserved": "2022-05-31T00:00:00.000Z",
"dateUpdated": "2024-08-03T07:03:40.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-29519 (GCVE-0-2022-29519)
Vulnerability from cvelistv5 – Published: 2022-06-28 10:05 – Updated: 2024-08-03 06:26
VLAI
Summary
Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware.
Severity
No CVSS data available.
CWE
- Cleartext Transmission of Sensitive Information
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://web-material3.yokogawa.com/1/32885/files/… | x_refsource_MISC |
| https://web-material3.yokogawa.com/19/32885/files… | x_refsource_MISC |
| https://jvn.jp/vu/JVNVU95452299/index.html | x_refsource_MISC |
| https://www.cisa.gov/uscert/ics/advisories/icsa-2… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Yokogawa Electric Corporation | STARDOM Controller |
Affected:
STARDOM FCN Controller and FCJ Controller R1.01 to R4.31
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:26:05.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "STARDOM Controller",
"vendor": "Yokogawa Electric Corporation",
"versions": [
{
"status": "affected",
"version": "STARDOM FCN Controller and FCJ Controller R1.01 to R4.31"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-28T10:05:31.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-29519",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "STARDOM Controller",
"version": {
"version_data": [
{
"version_value": "STARDOM FCN Controller and FCJ Controller R1.01 to R4.31"
}
]
}
}
]
},
"vendor_name": "Yokogawa Electric Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cleartext Transmission of Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf",
"refsource": "MISC",
"url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
},
{
"name": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf",
"refsource": "MISC",
"url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
},
{
"name": "https://jvn.jp/vu/JVNVU95452299/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/vu/JVNVU95452299/index.html"
},
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-29519",
"datePublished": "2022-06-28T10:05:31.000Z",
"dateReserved": "2022-05-31T00:00:00.000Z",
"dateUpdated": "2024-08-03T06:26:05.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}