{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-36454", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "state": "PUBLISHED", "assignerShortName": "jpcert", "dateReserved": "2024-05-28T08:11:26.050Z", "datePublished": "2024-06-12T05:12:24.382Z", "dateUpdated": "2024-08-02T03:37:05.198Z"}, "containers": {"cna": {"affected": [{"vendor": "Fsas Technologies Inc.", "product": "IPCOM EX2 Series (V01L0x Series)", "versions": [{"version": "V01L07NF0201 and earlier", "status": "affected"}]}, {"vendor": "Fsas Technologies Inc.", "product": "IPCOM VE2 Series", "versions": [{"version": "V01L07NF0201 and earlier", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "Use of uninitialized resource issue exists in IPCOM EX2 Series (V01L0x Series) V01L07NF0201 and earlier, and IPCOM VE2 Series V01L07NF0201 and earlier. If this vulnerability is exploited, the system may be rebooted or suspended by receiving a specially crafted packet."}], "problemTypes": [{"descriptions": [{"description": "Use of Uninitialized Resource", "lang": "en", "type": "text"}]}], "references": [{"url": "https://www.fujitsu.com/jp/products/network/support/2024/ipcom-02/"}, {"url": "https://jvn.jp/en/jp/JVN25594256/"}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2024-06-12T05:12:24.382Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-908", "lang": "en", "description": "CWE-908 Use of Uninitialized Resource"}]}], "affected": [{"vendor": "fujitsu", "product": "ipcom_ex2_sc_3500_firmware", "cpes": ["cpe:2.3:o:fujitsu:ipcom_ex2_in_3200_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fujitsu:ipcom_ex2_in_3500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fujitsu:ipcom_ex2_lb_3200_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fujitsu:ipcom_ex2_lb_3500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fujitsu:ipcom_ex2_sc_3200_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fujitsu:ipcom_ex2_sc_3500_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "01l07nf0201", "versionType": "custom"}]}, {"vendor": "fujitsu", "product": "ipcom_ve2_ls_plus2_220_firmware", "cpes": ["cpe:2.3:o:fujitsu:ipcom_ve2_ls_plus_100_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fujitsu:ipcom_ve2_ls_plus_200_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fujitsu:ipcom_ve2_ls_plus2_200_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fujitsu:ipcom_ve2_ls_plus_220_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fujitsu:ipcom_ve2_ls_plus2_220_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "01l07nf0201", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-07-16T18:17:41.103809Z", "id": "CVE-2024-36454", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-16T18:27:45.717Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:37:05.198Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.fujitsu.com/jp/products/network/support/2024/ipcom-02/", "tags": ["x_transferred"]}, {"url": "https://jvn.jp/en/jp/JVN25594256/", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-36454", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-16T18:17:41.103809Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:fujitsu:ipcom_ex2_in_3200_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fujitsu:ipcom_ex2_in_3500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fujitsu:ipcom_ex2_lb_3200_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fujitsu:ipcom_ex2_lb_3500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fujitsu:ipcom_ex2_sc_3200_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fujitsu:ipcom_ex2_sc_3500_firmware:-:*:*:*:*:*:*:*"], "vendor": "fujitsu", "product": "ipcom_ex2_sc_3500_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "01l07nf0201"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:fujitsu:ipcom_ve2_ls_plus_100_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fujitsu:ipcom_ve2_ls_plus_200_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fujitsu:ipcom_ve2_ls_plus2_200_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fujitsu:ipcom_ve2_ls_plus_220_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fujitsu:ipcom_ve2_ls_plus2_220_firmware:-:*:*:*:*:*:*:*"], "vendor": "fujitsu", "product": "ipcom_ve2_ls_plus2_220_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "01l07nf0201"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-908", "description": "CWE-908 Use of Uninitialized Resource"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-16T18:18:58.948Z"}}], "cna": {"affected": [{"vendor": "Fsas Technologies Inc.", "product": "IPCOM EX2 Series (V01L0x Series)", "versions": [{"status": "affected", "version": "V01L07NF0201 and earlier"}]}, {"vendor": "Fsas Technologies Inc.", "product": "IPCOM VE2 Series", "versions": [{"status": "affected", "version": "V01L07NF0201 and earlier"}]}], "references": [{"url": "https://www.fujitsu.com/jp/products/network/support/2024/ipcom-02/"}, {"url": "https://jvn.jp/en/jp/JVN25594256/"}], "descriptions": [{"lang": "en", "value": "Use of uninitialized resource issue exists in IPCOM EX2 Series (V01L0x Series) V01L07NF0201 and earlier, and IPCOM VE2 Series V01L07NF0201 and earlier. If this vulnerability is exploited, the system may be rebooted or suspended by receiving a specially crafted packet."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Use of Uninitialized Resource"}]}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2024-06-12T05:12:24.382Z"}}}, "cveMetadata": {"cveId": "CVE-2024-36454", "state": "PUBLISHED", "dateUpdated": "2024-07-16T18:27:45.717Z", "dateReserved": "2024-05-28T08:11:26.050Z", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "datePublished": "2024-06-12T05:12:24.382Z", "assignerShortName": "jpcert"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "Use of uninitialized resource issue exists in IPCOM EX2 Series (V01L0x Series) V01L07NF0201 and earlier, and IPCOM VE2 Series V01L07NF0201 and earlier. If this vulnerability is exploited, the system may be rebooted or suspended by receiving a specially crafted packet."}, {"lang": "es", "value": "El problema del uso de recursos no inicializados existe en IPCOM EX2 Series (V01L0x Series) V01L07NF0201 y anteriores, y en IPCOM VE2 Series V01L07NF0201 y anteriores. Si se aprovecha esta vulnerabilidad, el sistema puede reiniciarse o suspenderse al recibir un paquete especialmente manipulado."}], "id": "CVE-2024-36454", "lastModified": "2024-11-21T09:22:13.247", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-06-12T06:15:09.127", "references": [{"source": "vultures@jpcert.or.jp", "url": "https://jvn.jp/en/jp/JVN25594256/"}, {"source": "vultures@jpcert.or.jp", "url": "https://www.fujitsu.com/jp/products/network/support/2024/ipcom-02/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://jvn.jp/en/jp/JVN25594256/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.fujitsu.com/jp/products/network/support/2024/ipcom-02/"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-908"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{}