CVE-2023-38555
8.8
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD
Description
Authentication bypass vulnerability in Fujitsu network devices Si-R series and SR-M series allows a network-adjacent unauthenticated attacker to obtain, change, and/or reset configuration settings of the affected products. Affected products and versions are as follows: Si-R 30B all versions, Si-R 130B all versions, Si-R 90brin all versions, Si-R570B all versions, Si-R370B all versions, Si-R220D all versions, Si-R G100 V02.54 and earlier, Si-R G200 V02.54 and earlier, Si-R G100B V04.12 and earlier, Si-R G110B V04.12 and earlier, Si-R G200B V04.12 and earlier, Si-R G210 V20.52 and earlier, Si-R G211 V20.52 and earlier, Si-R G120 V20.52 and earlier, Si-R G121 V20.52 and earlier, and SR-M 50AP1 all versions.
Affected (16)
Products: Fujitsu: Si R 30b Firmware, Si R 130b Firmware, Si R 90brin Firmware, Si R570b Firmware, Si R370b Firmware, Si R220d Firmware, Si R G100 Firmware, Si R G200 Firmware, Si R G100b Firmware, Si R G110b Firmware, Si R G200b Firmware, Si R G210 Firmware, Si R G211 Firmware, Si R G120 Firmware, Si R G121 Firmware, Sr M 50ap1 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Fujitsu Si R 30b | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Fujitsu Si R 130b | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Fujitsu Si R 90brin | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Fujitsu Si R570b | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Fujitsu Si R370b | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Fujitsu Si R220d | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 02.54 |
| Running on/with | Platform Versions |
|---|---|
Fujitsu Si R G100 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 02.54 |
| Running on/with | Platform Versions |
|---|---|
Fujitsu Si R G200 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 04.12 |
| Running on/with | Platform Versions |
|---|---|
Fujitsu Si R G100b | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 04.12 |
| Running on/with | Platform Versions |
|---|---|
Fujitsu Si R G110b | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 04.12 |
| Running on/with | Platform Versions |
|---|---|
Fujitsu Si R G200b | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 20.52 |
| Running on/with | Platform Versions |
|---|---|
Fujitsu Si R G210 | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 20.52 |
| Running on/with | Platform Versions |
|---|---|
Fujitsu Si R G211 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 20.52 |
| Running on/with | Platform Versions |
|---|---|
Fujitsu Si R G120 | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 20.52 |
| Running on/with | Platform Versions |
|---|---|
Fujitsu Si R G121 | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Fujitsu Sr M 50ap1 | All versions |
References (4)
Source: vultures@jpcert.or.jp
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.