Search
Find a vulnerability
Search criteria
6 vulnerabilities by KING JIM CO.,LTD.
CVE-2022-0184 (GCVE-0-2022-0184)
Vulnerability from nvd – Published: 2022-01-17 09:10 – Updated: 2024-08-02 23:18
VLAI
Summary
Insufficiently protected credentials vulnerability in 'TEPRA' PRO SR5900P Ver.1.080 and earlier and 'TEPRA' PRO SR-R7900P Ver.1.030 and earlier allows an attacker on the adjacent network to obtain credentials for connecting to the Wi-Fi access point with the infrastructure mode.
Severity
No CVSS data available.
CWE
- Insufficiently protected credentials
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.kingjim.co.jp/download/security/#sr01 | x_refsource_MISC |
| https://jvn.jp/en/jp/JVN81479705/index.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| KING JIM CO.,LTD. | TEPRA PRO |
Affected:
'TEPRA' PRO SR5900P Ver.1.080 and earlier and 'TEPRA' PRO SR-R7900P Ver.1.030 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:42.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kingjim.co.jp/download/security/#sr01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN81479705/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TEPRA PRO",
"vendor": "KING JIM CO.,LTD.",
"versions": [
{
"status": "affected",
"version": "\u0027TEPRA\u0027 PRO SR5900P Ver.1.080 and earlier and \u0027TEPRA\u0027 PRO SR-R7900P Ver.1.030 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insufficiently protected credentials vulnerability in \u0027TEPRA\u0027 PRO SR5900P Ver.1.080 and earlier and \u0027TEPRA\u0027 PRO SR-R7900P Ver.1.030 and earlier allows an attacker on the adjacent network to obtain credentials for connecting to the Wi-Fi access point with the infrastructure mode."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficiently protected credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-17T09:10:32.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kingjim.co.jp/download/security/#sr01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN81479705/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-0184",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TEPRA PRO",
"version": {
"version_data": [
{
"version_value": "\u0027TEPRA\u0027 PRO SR5900P Ver.1.080 and earlier and \u0027TEPRA\u0027 PRO SR-R7900P Ver.1.030 and earlier"
}
]
}
}
]
},
"vendor_name": "KING JIM CO.,LTD."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficiently protected credentials vulnerability in \u0027TEPRA\u0027 PRO SR5900P Ver.1.080 and earlier and \u0027TEPRA\u0027 PRO SR-R7900P Ver.1.030 and earlier allows an attacker on the adjacent network to obtain credentials for connecting to the Wi-Fi access point with the infrastructure mode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficiently protected credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kingjim.co.jp/download/security/#sr01",
"refsource": "MISC",
"url": "https://www.kingjim.co.jp/download/security/#sr01"
},
{
"name": "https://jvn.jp/en/jp/JVN81479705/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN81479705/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-0184",
"datePublished": "2022-01-17T09:10:32.000Z",
"dateReserved": "2022-01-11T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:18:42.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0183 (GCVE-0-2022-0183)
Vulnerability from nvd – Published: 2022-01-17 09:10 – Updated: 2024-08-02 23:18
VLAI
Summary
Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 firmware all versions and 'MIRUPASS' PW20 firmware all versions allows an attacker who can physically access the device to obtain the stored passwords.
Severity
No CVSS data available.
CWE
- Missing encryption of sensitive data
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.kingjim.co.jp/download/security/#mirupass | x_refsource_MISC |
| https://jvn.jp/en/jp/JVN19826500/index.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| KING JIM CO.,LTD. | MIRUPASS |
Affected:
'MIRUPASS' PW10 firmware all versions and 'MIRUPASS' PW20 firmware all versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:42.528Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kingjim.co.jp/download/security/#mirupass"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN19826500/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MIRUPASS",
"vendor": "KING JIM CO.,LTD.",
"versions": [
{
"status": "affected",
"version": "\u0027MIRUPASS\u0027 PW10 firmware all versions and \u0027MIRUPASS\u0027 PW20 firmware all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Missing encryption of sensitive data vulnerability in \u0027MIRUPASS\u0027 PW10 firmware all versions and \u0027MIRUPASS\u0027 PW20 firmware all versions allows an attacker who can physically access the device to obtain the stored passwords."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing encryption of sensitive data",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-17T09:10:30.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kingjim.co.jp/download/security/#mirupass"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN19826500/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-0183",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MIRUPASS",
"version": {
"version_data": [
{
"version_value": "\u0027MIRUPASS\u0027 PW10 firmware all versions and \u0027MIRUPASS\u0027 PW20 firmware all versions"
}
]
}
}
]
},
"vendor_name": "KING JIM CO.,LTD."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Missing encryption of sensitive data vulnerability in \u0027MIRUPASS\u0027 PW10 firmware all versions and \u0027MIRUPASS\u0027 PW20 firmware all versions allows an attacker who can physically access the device to obtain the stored passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing encryption of sensitive data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kingjim.co.jp/download/security/#mirupass",
"refsource": "MISC",
"url": "https://www.kingjim.co.jp/download/security/#mirupass"
},
{
"name": "https://jvn.jp/en/jp/JVN19826500/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN19826500/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-0183",
"datePublished": "2022-01-17T09:10:31.000Z",
"dateReserved": "2022-01-11T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:18:42.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0184 (GCVE-0-2022-0184)
Vulnerability from cvelistv5 – Published: 2022-01-17 09:10 – Updated: 2024-08-02 23:18
VLAI
Summary
Insufficiently protected credentials vulnerability in 'TEPRA' PRO SR5900P Ver.1.080 and earlier and 'TEPRA' PRO SR-R7900P Ver.1.030 and earlier allows an attacker on the adjacent network to obtain credentials for connecting to the Wi-Fi access point with the infrastructure mode.
Severity
No CVSS data available.
CWE
- Insufficiently protected credentials
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.kingjim.co.jp/download/security/#sr01 | x_refsource_MISC |
| https://jvn.jp/en/jp/JVN81479705/index.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| KING JIM CO.,LTD. | TEPRA PRO |
Affected:
'TEPRA' PRO SR5900P Ver.1.080 and earlier and 'TEPRA' PRO SR-R7900P Ver.1.030 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:42.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kingjim.co.jp/download/security/#sr01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN81479705/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TEPRA PRO",
"vendor": "KING JIM CO.,LTD.",
"versions": [
{
"status": "affected",
"version": "\u0027TEPRA\u0027 PRO SR5900P Ver.1.080 and earlier and \u0027TEPRA\u0027 PRO SR-R7900P Ver.1.030 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insufficiently protected credentials vulnerability in \u0027TEPRA\u0027 PRO SR5900P Ver.1.080 and earlier and \u0027TEPRA\u0027 PRO SR-R7900P Ver.1.030 and earlier allows an attacker on the adjacent network to obtain credentials for connecting to the Wi-Fi access point with the infrastructure mode."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficiently protected credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-17T09:10:32.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kingjim.co.jp/download/security/#sr01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN81479705/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-0184",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TEPRA PRO",
"version": {
"version_data": [
{
"version_value": "\u0027TEPRA\u0027 PRO SR5900P Ver.1.080 and earlier and \u0027TEPRA\u0027 PRO SR-R7900P Ver.1.030 and earlier"
}
]
}
}
]
},
"vendor_name": "KING JIM CO.,LTD."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficiently protected credentials vulnerability in \u0027TEPRA\u0027 PRO SR5900P Ver.1.080 and earlier and \u0027TEPRA\u0027 PRO SR-R7900P Ver.1.030 and earlier allows an attacker on the adjacent network to obtain credentials for connecting to the Wi-Fi access point with the infrastructure mode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficiently protected credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kingjim.co.jp/download/security/#sr01",
"refsource": "MISC",
"url": "https://www.kingjim.co.jp/download/security/#sr01"
},
{
"name": "https://jvn.jp/en/jp/JVN81479705/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN81479705/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-0184",
"datePublished": "2022-01-17T09:10:32.000Z",
"dateReserved": "2022-01-11T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:18:42.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0183 (GCVE-0-2022-0183)
Vulnerability from cvelistv5 – Published: 2022-01-17 09:10 – Updated: 2024-08-02 23:18
VLAI
Summary
Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 firmware all versions and 'MIRUPASS' PW20 firmware all versions allows an attacker who can physically access the device to obtain the stored passwords.
Severity
No CVSS data available.
CWE
- Missing encryption of sensitive data
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.kingjim.co.jp/download/security/#mirupass | x_refsource_MISC |
| https://jvn.jp/en/jp/JVN19826500/index.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| KING JIM CO.,LTD. | MIRUPASS |
Affected:
'MIRUPASS' PW10 firmware all versions and 'MIRUPASS' PW20 firmware all versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:42.528Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kingjim.co.jp/download/security/#mirupass"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN19826500/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MIRUPASS",
"vendor": "KING JIM CO.,LTD.",
"versions": [
{
"status": "affected",
"version": "\u0027MIRUPASS\u0027 PW10 firmware all versions and \u0027MIRUPASS\u0027 PW20 firmware all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Missing encryption of sensitive data vulnerability in \u0027MIRUPASS\u0027 PW10 firmware all versions and \u0027MIRUPASS\u0027 PW20 firmware all versions allows an attacker who can physically access the device to obtain the stored passwords."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing encryption of sensitive data",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-17T09:10:30.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kingjim.co.jp/download/security/#mirupass"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN19826500/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-0183",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MIRUPASS",
"version": {
"version_data": [
{
"version_value": "\u0027MIRUPASS\u0027 PW10 firmware all versions and \u0027MIRUPASS\u0027 PW20 firmware all versions"
}
]
}
}
]
},
"vendor_name": "KING JIM CO.,LTD."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Missing encryption of sensitive data vulnerability in \u0027MIRUPASS\u0027 PW10 firmware all versions and \u0027MIRUPASS\u0027 PW20 firmware all versions allows an attacker who can physically access the device to obtain the stored passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing encryption of sensitive data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kingjim.co.jp/download/security/#mirupass",
"refsource": "MISC",
"url": "https://www.kingjim.co.jp/download/security/#mirupass"
},
{
"name": "https://jvn.jp/en/jp/JVN19826500/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN19826500/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-0183",
"datePublished": "2022-01-17T09:10:31.000Z",
"dateReserved": "2022-01-11T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:18:42.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
JVNDB-2022-000005
Vulnerability from jvndb - Published: 2022-01-13 15:26 - Updated:2022-01-13 15:26
Severity
Summary
PASSWORD MANAGER "MIRUPASS" PW10 / PW20 missing encryption
Details
PASSWORD MANAGER "MIRUPASS" PW10 / PW20 provided by KING JIM CO.,LTD. contain a missing encryption vulnerability (CWE-311).
Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-000005.html",
"dc:date": "2022-01-13T15:26+09:00",
"dcterms:issued": "2022-01-13T15:26+09:00",
"dcterms:modified": "2022-01-13T15:26+09:00",
"description": "PASSWORD MANAGER \"MIRUPASS\" PW10 / PW20 provided by KING JIM CO.,LTD. contain a missing encryption vulnerability (CWE-311).\r\n\r\nTaizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-000005.html",
"sec:cpe": [
{
"#text": "cpe:/o:kingjim:mirupass_pw10_firmware",
"@product": "Password Manager \"MIRUPASS\" PW10 firmware",
"@vendor": "KING JIM CO.,LTD.",
"@version": "2.2"
},
{
"#text": "cpe:/o:kingjim:mirupass_pw20_firmware",
"@product": "Password Manager \"MIRUPASS\" PW20 firmware",
"@vendor": "KING JIM CO.,LTD.",
"@version": "2.2"
}
],
"sec:cvss": [
{
"@score": "4.9",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"@version": "2.0"
},
{
"@score": "4.6",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2022-000005",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN19826500/index.html",
"@id": "JVN#19826500",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2022-0183",
"@id": "CVE-2022-0183",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-0183",
"@id": "CVE-2022-0183",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "PASSWORD MANAGER \"MIRUPASS\" PW10 / PW20 missing encryption"
}
JVNDB-2022-000004
Vulnerability from jvndb - Published: 2022-01-13 15:21 - Updated:2022-01-13 15:21
Severity
Summary
Label printers "TEPRA" PRO SR5900P / SR-R7900P vulnerable to insufficiently protected credentials
Details
Label printers "TEPRA" PRO SR5900P / SR-R7900P provided by KING JIM CO.,LTD. contain an insufficiently protected credentials vulnerability (CWE-522).
Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-000004.html",
"dc:date": "2022-01-13T15:21+09:00",
"dcterms:issued": "2022-01-13T15:21+09:00",
"dcterms:modified": "2022-01-13T15:21+09:00",
"description": "Label printers \"TEPRA\" PRO SR5900P / SR-R7900P provided by KING JIM CO.,LTD. contain an insufficiently protected credentials vulnerability (CWE-522).\r\n\r\nTaizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-000004.html",
"sec:cpe": [
{
"#text": "cpe:/o:kingjim:tepura_pro_sr-7900p_firmware",
"@product": "Label Printer \"Tepra\" PRO SR-R7900P",
"@vendor": "KING JIM CO.,LTD.",
"@version": "2.2"
},
{
"#text": "cpe:/o:kingjim:tepura_pro_sr5900p_firmware",
"@product": "Label Printer \"Tepra\" PRO SR5900P",
"@vendor": "KING JIM CO.,LTD.",
"@version": "2.2"
}
],
"sec:cvss": [
{
"@score": "3.3",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"@version": "2.0"
},
{
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2022-000004",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN81479705/index.html",
"@id": "JVN#81479705",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2022-0184",
"@id": "CVE-2022-0184",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-0184",
"@id": "CVE-2022-0184",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Label printers \"TEPRA\" PRO SR5900P / SR-R7900P vulnerable to insufficiently protected credentials"
}