← Back

CVE-2019-10950

nvd nist
Published: Apr 30, 2019Modified: Nov 21, 2024

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 FCR Carbon X, CR-IR 357 FCR XC-2, FCR-IR 357 FCR Capsula X provide insecure telnet services that lack authentication requirements. An attacker who successfully exploits this vulnerability may be able to access the underlying operating system.

Affected (3)

Fujifilm
3 products
Cr Ir 357 Fcr Carbon X Firmware
Cr Ir 357 Fcr Xc 2 Firmware
Cr Ir 357 Fcr Capsula X Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cr Ir 357 Fcr Carbon X Firmware
All versions
Running on/withPlatform Versions
Fujifilm
Cr Ir 357 Fcr Carbon X
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cr Ir 357 Fcr Xc 2 Firmware
All versions
Running on/withPlatform Versions
Fujifilm
Cr Ir 357 Fcr Xc 2
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cr Ir 357 Fcr Capsula X Firmware
All versions
Running on/withPlatform Versions
Fujifilm
Cr Ir 357 Fcr Capsula X
All versions

Related CWEs

CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CWE-306
Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References (4)

Source: ics-cert@hq.dhs.gov
Third Party AdvisoryVDB Entry
Source: ics-cert@hq.dhs.gov
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource

Timeline

No history available yet.