Search

Find a vulnerability

Search criteria

    1 vulnerability found for Web Based Management by Brother Industries

    JVNDB-2024-000026

    Vulnerability from jvndb - Published: 2024-03-06 18:12 - Updated:2024-03-06 18:12
    Severity
    Summary
    Multiple vulnerabilities in printers and scanners which implement BROTHER Web Based Management
    Details
    Multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. contain multiple vulnerabilities listed below. * Improper Authentication (CWE-287) - CVE-2024-21824 * Cross-Site Request Forgery (CWE-352) - CVE-2024-22475 Hiroki Yasui, Yudai Morii, Takaya Noma, Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-000026.html",
      "dc:date": "2024-03-06T18:12+09:00",
      "dcterms:issued": "2024-03-06T18:12+09:00",
      "dcterms:modified": "2024-03-06T18:12+09:00",
      "description": "Multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. contain multiple vulnerabilities listed below.\r\n\r\n  * Improper Authentication (CWE-287) - CVE-2024-21824\r\n  * Cross-Site Request Forgery (CWE-352) - CVE-2024-22475\r\n\r\nHiroki Yasui, Yudai Morii, Takaya Noma, Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University reported these vulnerabilities to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-000026.html",
      "sec:cpe": {
        "#text": "cpe:/a:brother:web_based_management",
        "@product": "Web Based Management",
        "@vendor": "Brother Industries",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "2.9",
          "@severity": "Low",
          "@type": "Base",
          "@vector": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
          "@version": "2.0"
        },
        {
          "@score": "5.3",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2024-000026",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN82749078/index.html",
          "@id": "JVN#82749078",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-21824",
          "@id": "CVE-2024-21824",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-22475",
          "@id": "CVE-2024-22475",
          "@source": "CVE"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-287",
          "@title": "Improper Authentication(CWE-287)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-352",
          "@title": "Cross-Site Request Forgery(CWE-352)"
        }
      ],
      "title": "Multiple vulnerabilities in printers and scanners which implement BROTHER Web Based Management"
    }