Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for STARDOM Controller by Yokogawa Electric Corporation

    CVE-2022-30997 (GCVE-0-2022-30997)

    Vulnerability from nvd – Published: 2022-06-28 10:06 – Updated: 2024-08-03 07:03
    VLAI
    Summary
    Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Use of Hard-coded Credentials
    • CWE-798 - Use of Hard-coded Credentials
    Assigner
    Impacted products
    Vendor Product Version
    Yokogawa Electric Corporation STARDOM Controller Affected: STARDOM FCN Controller and FCJ Controller R4.10 to R4.31
    Create a notification for this product.
    yokogawa stardom_fcj_firmware Affected: r4.10 , ≤ r4.31 (custom)
        cpe:2.3:o:yokogawa:stardom_fcj_firmware:r4.10:*:*:*:*:*:*:*
    Create a notification for this product.
    yokogawa stardom_fcn_firmware Affected: r4.10 , ≤ r4.31 (custom)
        cpe:2.3:o:yokogawa:stardom_fcn_firmware:r4.10:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:yokogawa:stardom_fcj_firmware:r4.10:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "stardom_fcj_firmware",
                "vendor": "yokogawa",
                "versions": [
                  {
                    "lessThanOrEqual": "r4.31",
                    "status": "affected",
                    "version": "r4.10",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:yokogawa:stardom_fcn_firmware:r4.10:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "stardom_fcn_firmware",
                "vendor": "yokogawa",
                "versions": [
                  {
                    "lessThanOrEqual": "r4.31",
                    "status": "affected",
                    "version": "r4.10",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 6.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "HIGH",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-30997",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-26T19:56:59.327177Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-798",
                    "description": "CWE-798 Use of Hard-coded Credentials",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-26T20:01:46.457Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T07:03:40.234Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/vu/JVNVU95452299/index.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "STARDOM Controller",
              "vendor": "Yokogawa Electric Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "STARDOM FCN Controller and FCJ Controller R4.10 to R4.31"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-06-28T10:06:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://jvn.jp/vu/JVNVU95452299/index.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2022-30997",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "STARDOM Controller",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "STARDOM FCN Controller and FCJ Controller R4.10 to R4.31"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Yokogawa Electric Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Use of Hard-coded Credentials"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf",
                  "refsource": "MISC",
                  "url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
                },
                {
                  "name": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf",
                  "refsource": "MISC",
                  "url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
                },
                {
                  "name": "https://jvn.jp/vu/JVNVU95452299/index.html",
                  "refsource": "MISC",
                  "url": "https://jvn.jp/vu/JVNVU95452299/index.html"
                },
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01",
                  "refsource": "MISC",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2022-30997",
        "datePublished": "2022-06-28T10:06:01.000Z",
        "dateReserved": "2022-05-31T00:00:00.000Z",
        "dateUpdated": "2024-08-03T07:03:40.234Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-29519 (GCVE-0-2022-29519)

    Vulnerability from nvd – Published: 2022-06-28 10:05 – Updated: 2024-08-03 06:26
    VLAI
    Summary
    Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware.
    Severity
    No CVSS data available.
    CWE
    • Cleartext Transmission of Sensitive Information
    Assigner
    Impacted products
    Vendor Product Version
    Yokogawa Electric Corporation STARDOM Controller Affected: STARDOM FCN Controller and FCJ Controller R1.01 to R4.31
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T06:26:05.949Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/vu/JVNVU95452299/index.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "STARDOM Controller",
              "vendor": "Yokogawa Electric Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "STARDOM FCN Controller and FCJ Controller R1.01 to R4.31"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cleartext Transmission of Sensitive Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-06-28T10:05:31.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://jvn.jp/vu/JVNVU95452299/index.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2022-29519",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "STARDOM Controller",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "STARDOM FCN Controller and FCJ Controller R1.01 to R4.31"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Yokogawa Electric Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cleartext Transmission of Sensitive Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf",
                  "refsource": "MISC",
                  "url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
                },
                {
                  "name": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf",
                  "refsource": "MISC",
                  "url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
                },
                {
                  "name": "https://jvn.jp/vu/JVNVU95452299/index.html",
                  "refsource": "MISC",
                  "url": "https://jvn.jp/vu/JVNVU95452299/index.html"
                },
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01",
                  "refsource": "MISC",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2022-29519",
        "datePublished": "2022-06-28T10:05:31.000Z",
        "dateReserved": "2022-05-31T00:00:00.000Z",
        "dateUpdated": "2024-08-03T06:26:05.949Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-30997 (GCVE-0-2022-30997)

    Vulnerability from cvelistv5 – Published: 2022-06-28 10:06 – Updated: 2024-08-03 07:03
    VLAI
    Summary
    Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Use of Hard-coded Credentials
    • CWE-798 - Use of Hard-coded Credentials
    Assigner
    Impacted products
    Vendor Product Version
    Yokogawa Electric Corporation STARDOM Controller Affected: STARDOM FCN Controller and FCJ Controller R4.10 to R4.31
    Create a notification for this product.
    yokogawa stardom_fcj_firmware Affected: r4.10 , ≤ r4.31 (custom)
        cpe:2.3:o:yokogawa:stardom_fcj_firmware:r4.10:*:*:*:*:*:*:*
    Create a notification for this product.
    yokogawa stardom_fcn_firmware Affected: r4.10 , ≤ r4.31 (custom)
        cpe:2.3:o:yokogawa:stardom_fcn_firmware:r4.10:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:yokogawa:stardom_fcj_firmware:r4.10:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "stardom_fcj_firmware",
                "vendor": "yokogawa",
                "versions": [
                  {
                    "lessThanOrEqual": "r4.31",
                    "status": "affected",
                    "version": "r4.10",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:yokogawa:stardom_fcn_firmware:r4.10:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "stardom_fcn_firmware",
                "vendor": "yokogawa",
                "versions": [
                  {
                    "lessThanOrEqual": "r4.31",
                    "status": "affected",
                    "version": "r4.10",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 6.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "HIGH",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-30997",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-26T19:56:59.327177Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-798",
                    "description": "CWE-798 Use of Hard-coded Credentials",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-26T20:01:46.457Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T07:03:40.234Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/vu/JVNVU95452299/index.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "STARDOM Controller",
              "vendor": "Yokogawa Electric Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "STARDOM FCN Controller and FCJ Controller R4.10 to R4.31"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-06-28T10:06:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://jvn.jp/vu/JVNVU95452299/index.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2022-30997",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "STARDOM Controller",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "STARDOM FCN Controller and FCJ Controller R4.10 to R4.31"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Yokogawa Electric Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Use of Hard-coded Credentials"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf",
                  "refsource": "MISC",
                  "url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
                },
                {
                  "name": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf",
                  "refsource": "MISC",
                  "url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
                },
                {
                  "name": "https://jvn.jp/vu/JVNVU95452299/index.html",
                  "refsource": "MISC",
                  "url": "https://jvn.jp/vu/JVNVU95452299/index.html"
                },
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01",
                  "refsource": "MISC",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2022-30997",
        "datePublished": "2022-06-28T10:06:01.000Z",
        "dateReserved": "2022-05-31T00:00:00.000Z",
        "dateUpdated": "2024-08-03T07:03:40.234Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-29519 (GCVE-0-2022-29519)

    Vulnerability from cvelistv5 – Published: 2022-06-28 10:05 – Updated: 2024-08-03 06:26
    VLAI
    Summary
    Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware.
    Severity
    No CVSS data available.
    CWE
    • Cleartext Transmission of Sensitive Information
    Assigner
    Impacted products
    Vendor Product Version
    Yokogawa Electric Corporation STARDOM Controller Affected: STARDOM FCN Controller and FCJ Controller R1.01 to R4.31
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T06:26:05.949Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/vu/JVNVU95452299/index.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "STARDOM Controller",
              "vendor": "Yokogawa Electric Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "STARDOM FCN Controller and FCJ Controller R1.01 to R4.31"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cleartext Transmission of Sensitive Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-06-28T10:05:31.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://jvn.jp/vu/JVNVU95452299/index.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2022-29519",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "STARDOM Controller",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "STARDOM FCN Controller and FCJ Controller R1.01 to R4.31"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Yokogawa Electric Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cleartext Transmission of Sensitive Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf",
                  "refsource": "MISC",
                  "url": "https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf"
                },
                {
                  "name": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf",
                  "refsource": "MISC",
                  "url": "https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf"
                },
                {
                  "name": "https://jvn.jp/vu/JVNVU95452299/index.html",
                  "refsource": "MISC",
                  "url": "https://jvn.jp/vu/JVNVU95452299/index.html"
                },
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01",
                  "refsource": "MISC",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2022-29519",
        "datePublished": "2022-06-28T10:05:31.000Z",
        "dateReserved": "2022-05-31T00:00:00.000Z",
        "dateUpdated": "2024-08-03T06:26:05.949Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }