← Back

CVE-2019-5909

nvd nist
Published: Feb 13, 2019Modified: Nov 21, 2024

JSON object

Loading...
9.8
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

License Manager Service of YOKOGAWA products (CENTUM VP (R5.01.00 - R6.06.00), CENTUM VP Entry Class (R5.01.00 - R6.06.00), ProSafe-RS (R3.01.00 - R4.04.00), PRM (R4.01.00 - R4.02.00), B/M9000 VP(R7.01.01 - R8.02.03)) allows remote attackers to bypass access restriction to send malicious files to the PC where License Manager Service runs via unspecified vectors.

Affected (6)

Yokogawa
4 products
B/m 9000 Vp
Centum Vp
Prm
Prosafe Rs
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
B/m 9000 Vp
From r7.01.01 to r8.02.03
Yokogawa
Centum Vp
From r5.01.00 to r6.06.00
Centum Vp
From r5.01.00 to r6.06.00
Centum Vp
From r5.01.00 to r6.06.00
Prm
From r4.01.00 to r4.02.00
Prosafe Rs
From r3.01.00 to r4.04.00

Related CWEs

CWE-287
Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (6)

Source: vultures@jpcert.or.jp
Third Party Advisory
Source: vultures@jpcert.or.jp
Third Party AdvisoryVDB Entry
Source: vultures@jpcert.or.jp
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.