Main Vulnerability Database SB2023072611

SB2023072611 - Improper Authentication in Fujitsu Si-R series and SR-M series network devices

Published: July 26, 2023

Security Bulletin ID SB2023072611

Severity

Low

Patch available

Number of vulnerabilities 1

Exploitation vector Adjecent network

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper Authentication (CVE-ID: CVE-2023-38555)

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests in the web management interface. A remote attacker on the local network can obtain the product's configuration information or change/reset the configuration settings.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

Vulnerable Software

Si-R 30B: All versions
Si-R 130B: All versions
Si-R 90brin: All versions
Si-R570B: All versions
Si-R370B: All versions
Si-R220D: All versions
Si-R G100: 02.54 and previous versions
Si-R G200: 02.54 and previous versions
Si-R G100B: 04.12 and previous versions
Si-R G110B: 04.12 and previous versions
Si-R G200B: 04.12 and previous versions
Si-R G210: 20.52 and previous versions
Si-R G211: 20.52 and previous versions
Si-R G120: 20.52 and previous versions
Si-R G121: 20.52 and previous versions
SR-M 50AP1: All versions

SB2023072611 - Improper Authentication in Fujitsu Si-R series and SR-M series network devices

Breakdown by Severity

Description

Remediation

References

Please verify you're human