Search

Find a vulnerability

Search criteria

    3 vulnerabilities found for hdl-a\/e by iodata

    VAR-201310-0460

    Vulnerability from variot - Updated: 2025-04-11 23:19

    I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors. HDL-A and HDL2-A Series provided by I-O DATA DEVICE, INC. are LAN connectable hard disk drives. HDL-A and HDL2-A Series contain a vulnerability related to the management of sessions. Kazuki Hirota of Keio University Keiji Takeda Research Group reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.A remote unauthenticated attacker may impersonate a user. As a result, information may be disclosed or altered. I-O DATA HDL is a network mobile device with built-in LAN connectivity. I-O DATA HDL has an unspecified error that allows an attacker to exploit a vulnerability to hijack other user sessions. Multiple I-O DATA products are prone to an unspecified session-hijacking vulnerability. Following devices running firmware versions 1.07 and prior are vulnerable: HDL-A series including HDL-AS, HDL-AH and HDL-A/E HDL2-A series including HDL2-AH and HDL2-A/E

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201310-0460",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "hdl2-ah",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "iodata",
            "version": null
          },
          {
            "model": "hdl-as",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "iodata",
            "version": null
          },
          {
            "model": "hdl-ah",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "iodata",
            "version": null
          },
          {
            "model": "hdl-a\\/e",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "iodata",
            "version": null
          },
          {
            "model": "hdl2-a\\/e",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "iodata",
            "version": null
          },
          {
            "model": "hdl-a",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "iodata",
            "version": "1.07"
          },
          {
            "model": "hdl2-a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "iodata",
            "version": "1.07"
          },
          {
            "model": "hdl-a series",
            "scope": null,
            "trust": 0.8,
            "vendor": "i o data device",
            "version": null
          },
          {
            "model": "hdl-a series",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "i o data device",
            "version": "(includes hdl-as, hdl-ah, hdl-a/e series) firmware version 1.07"
          },
          {
            "model": "hdl-a/e series",
            "scope": null,
            "trust": 0.8,
            "vendor": "i o data device",
            "version": null
          },
          {
            "model": "hdl-ah series",
            "scope": null,
            "trust": 0.8,
            "vendor": "i o data device",
            "version": null
          },
          {
            "model": "hdl-as series",
            "scope": null,
            "trust": 0.8,
            "vendor": "i o data device",
            "version": null
          },
          {
            "model": "hdl2-a series",
            "scope": null,
            "trust": 0.8,
            "vendor": "i o data device",
            "version": null
          },
          {
            "model": "hdl2-a series",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "i o data device",
            "version": "(includes hdl2-ah, hdl2-a/e series) firmware version 1.07"
          },
          {
            "model": "hdl2-a/e series",
            "scope": null,
            "trust": 0.8,
            "vendor": "i o data device",
            "version": null
          },
          {
            "model": "hdl2-ah series",
            "scope": null,
            "trust": 0.8,
            "vendor": "i o data device",
            "version": null
          },
          {
            "model": "data hdl-a series",
            "scope": null,
            "trust": 0.6,
            "vendor": "i o",
            "version": null
          },
          {
            "model": "data hdl2-a series",
            "scope": null,
            "trust": 0.6,
            "vendor": "i o",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-14024"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-000095"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-471"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-4712"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/h:i-o_data_device:hdl-a",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:i-o_data_device:hdl-a%2fe",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:i-o_data_device:hdl-ah",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:i-o_data_device:hdl-as",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:i-o_data_device:hdl2-a",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:i-o_data_device:hdl2-a%2fe",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:i-o_data_device:hdl2-ah",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-000095"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Kazuki Hirota from Keio University Keiji Takeda Research Group.",
        "sources": [
          {
            "db": "BID",
            "id": "63225"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2013-4712",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2013-4712",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "High",
                "accessVector": "Network",
                "authentication": "None",
                "author": "IPA",
                "availabilityImpact": "None",
                "baseScore": 4.0,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2013-000095",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2013-14024",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-64714",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2013-4712",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "IPA",
                "id": "JVNDB-2013-000095",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2013-14024",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201310-471",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-64714",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-14024"
          },
          {
            "db": "VULHUB",
            "id": "VHN-64714"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-000095"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-471"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-4712"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors. HDL-A and HDL2-A Series provided by I-O DATA DEVICE, INC. are LAN connectable hard disk drives. HDL-A and HDL2-A Series contain a vulnerability related to the management of sessions. Kazuki Hirota of Keio University Keiji Takeda Research Group reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.A remote unauthenticated attacker may impersonate a user. As a result, information may be disclosed or altered. I-O DATA HDL is a network mobile device with built-in LAN connectivity. I-O DATA HDL has an unspecified error that allows an attacker to exploit a vulnerability to hijack other user sessions. Multiple I-O DATA products are prone to an unspecified session-hijacking vulnerability. \nFollowing devices running firmware versions 1.07 and prior are vulnerable:\nHDL-A series including HDL-AS, HDL-AH and HDL-A/E\nHDL2-A series including HDL2-AH and HDL2-A/E",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-4712"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-000095"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-14024"
          },
          {
            "db": "BID",
            "id": "63225"
          },
          {
            "db": "VULHUB",
            "id": "VHN-64714"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-4712",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-000095",
            "trust": 3.1
          },
          {
            "db": "JVN",
            "id": "JVN52509236",
            "trust": 3.1
          },
          {
            "db": "BID",
            "id": "63225",
            "trust": 1.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-471",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-14024",
            "trust": 0.6
          },
          {
            "db": "JVN",
            "id": "JVN#52509236",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-64714",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-14024"
          },
          {
            "db": "VULHUB",
            "id": "VHN-64714"
          },
          {
            "db": "BID",
            "id": "63225"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-000095"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-471"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-4712"
          }
        ]
      },
      "id": "VAR-201310-0460",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-14024"
          },
          {
            "db": "VULHUB",
            "id": "VHN-64714"
          }
        ],
        "trust": 1.3666667
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-14024"
          }
        ]
      },
      "last_update_date": "2025-04-11T23:19:27.462000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "I-O DATA DEVICE, INC. website",
            "trust": 0.8,
            "url": "http://www.iobb.net/remotelinkaccess/"
          },
          {
            "title": "Patch for Unknown Session Hijacking Vulnerabilities in Multiple I-O DATA Products",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/40481"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-14024"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-000095"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-399",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-264",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-64714"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-000095"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-4712"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "http://jvn.jp/en/jp/jvn52509236/index.html"
          },
          {
            "trust": 1.7,
            "url": "http://jvn.jp/en/jp/jvn52509236/225184/index.html"
          },
          {
            "trust": 1.7,
            "url": "http://rm2.iobb.net"
          },
          {
            "trust": 1.7,
            "url": "http://jvndb.jvn.jp/jvndb/jvndb-2013-000095"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4712"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4712"
          },
          {
            "trust": 0.6,
            "url": "http://jvndb.jvn.jp/en/contents/2013/jvndb-2013-000095.html"
          },
          {
            "trust": 0.6,
            "url": "http://jvn.jp/jp/jvn52509236/index.html"
          },
          {
            "trust": 0.6,
            "url": "http://jvndb.jvn.jp/ja/contents/2013/jvndb-2013-000095.html"
          },
          {
            "trust": 0.6,
            "url": "http:"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-14024"
          },
          {
            "db": "VULHUB",
            "id": "VHN-64714"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-000095"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-471"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-4712"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-14024"
          },
          {
            "db": "VULHUB",
            "id": "VHN-64714"
          },
          {
            "db": "BID",
            "id": "63225"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-000095"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-471"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-4712"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2013-10-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2013-14024"
          },
          {
            "date": "2013-10-19T00:00:00",
            "db": "VULHUB",
            "id": "VHN-64714"
          },
          {
            "date": "2013-10-18T00:00:00",
            "db": "BID",
            "id": "63225"
          },
          {
            "date": "2013-10-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-000095"
          },
          {
            "date": "2013-10-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201310-471"
          },
          {
            "date": "2013-10-19T10:36:07.697000",
            "db": "NVD",
            "id": "CVE-2013-4712"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2013-10-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2013-14024"
          },
          {
            "date": "2013-10-21T00:00:00",
            "db": "VULHUB",
            "id": "VHN-64714"
          },
          {
            "date": "2013-10-18T00:00:00",
            "db": "BID",
            "id": "63225"
          },
          {
            "date": "2013-10-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-000095"
          },
          {
            "date": "2013-10-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201310-471"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2013-4712"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-471"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HDL-A and HDL2-A Series vulnerable in session management",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-000095"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-471"
          }
        ],
        "trust": 0.6
      }
    }

    CVE-2013-4712 (GCVE-0-2013-4712)

    Vulnerability from nvd – Published: 2013-10-19 10:00 – Updated: 2024-09-16 20:26
    VLAI
    Summary
    I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://rm2.iobb.net x_refsource_CONFIRM
    http://jvn.jp/en/jp/JVN52509236/index.html third-party-advisoryx_refsource_JVN
    http://jvn.jp/en/jp/JVN52509236/225184/index.html x_refsource_CONFIRM
    http://jvndb.jvn.jp/jvndb/JVNDB-2013-000095 third-party-advisoryx_refsource_JVNDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:52:27.151Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://rm2.iobb.net"
              },
              {
                "name": "JVN#52509236",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN52509236/index.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN52509236/225184/index.html"
              },
              {
                "name": "JVNDB-2013-000095",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVNDB",
                  "x_transferred"
                ],
                "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000095"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-10-19T10:00:00.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://rm2.iobb.net"
            },
            {
              "name": "JVN#52509236",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN52509236/index.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://jvn.jp/en/jp/JVN52509236/225184/index.html"
            },
            {
              "name": "JVNDB-2013-000095",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVNDB"
              ],
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000095"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2013-4712",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://rm2.iobb.net",
                  "refsource": "CONFIRM",
                  "url": "http://rm2.iobb.net"
                },
                {
                  "name": "JVN#52509236",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN52509236/index.html"
                },
                {
                  "name": "http://jvn.jp/en/jp/JVN52509236/225184/index.html",
                  "refsource": "CONFIRM",
                  "url": "http://jvn.jp/en/jp/JVN52509236/225184/index.html"
                },
                {
                  "name": "JVNDB-2013-000095",
                  "refsource": "JVNDB",
                  "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000095"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2013-4712",
        "datePublished": "2013-10-19T10:00:00.000Z",
        "dateReserved": "2013-06-26T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:26:42.643Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4712 (GCVE-0-2013-4712)

    Vulnerability from cvelistv5 – Published: 2013-10-19 10:00 – Updated: 2024-09-16 20:26
    VLAI
    Summary
    I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://rm2.iobb.net x_refsource_CONFIRM
    http://jvn.jp/en/jp/JVN52509236/index.html third-party-advisoryx_refsource_JVN
    http://jvn.jp/en/jp/JVN52509236/225184/index.html x_refsource_CONFIRM
    http://jvndb.jvn.jp/jvndb/JVNDB-2013-000095 third-party-advisoryx_refsource_JVNDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:52:27.151Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://rm2.iobb.net"
              },
              {
                "name": "JVN#52509236",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN52509236/index.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN52509236/225184/index.html"
              },
              {
                "name": "JVNDB-2013-000095",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVNDB",
                  "x_transferred"
                ],
                "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000095"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-10-19T10:00:00.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://rm2.iobb.net"
            },
            {
              "name": "JVN#52509236",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN52509236/index.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://jvn.jp/en/jp/JVN52509236/225184/index.html"
            },
            {
              "name": "JVNDB-2013-000095",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVNDB"
              ],
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000095"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2013-4712",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://rm2.iobb.net",
                  "refsource": "CONFIRM",
                  "url": "http://rm2.iobb.net"
                },
                {
                  "name": "JVN#52509236",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN52509236/index.html"
                },
                {
                  "name": "http://jvn.jp/en/jp/JVN52509236/225184/index.html",
                  "refsource": "CONFIRM",
                  "url": "http://jvn.jp/en/jp/JVN52509236/225184/index.html"
                },
                {
                  "name": "JVNDB-2013-000095",
                  "refsource": "JVNDB",
                  "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000095"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2013-4712",
        "datePublished": "2013-10-19T10:00:00.000Z",
        "dateReserved": "2013-06-26T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:26:42.643Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }