Sign-up

ID

VAR-201403-0716


TITLE

Hitachi JP1 / File Transmission Server / FTP Security Bypass Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2014-01601

DESCRIPTION

Hitachi JP1 / File Transmission Server / FTP is a file transfer service program. Hitachi JP1 / File Transmission Server / FTP failed to properly restrict directory access, allowing remote attackers to exploit the vulnerability to access restricted directories. Hitachi JP1/File Transmission Server/FTP is prone to a security-bypass vulnerability. An attacker may leverage this issue to bypass certain security restrictions and gain unauthorized access

Trust: 0.81

sources: CNVD: CNVD-2014-01601 // BID: 66049

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-01601

AFFECTED PRODUCTS

vendor:hitachimodel:jp1/file transmission server/ftpscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2014-01601

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2014-01601
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2014-01601
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2014-01601

THREAT TYPE

network

Trust: 0.3

sources: BID: 66049

TYPE

Access Validation Error

Trust: 0.3

sources: BID: 66049

PATCH

title:Patch for Hitachi JP1 / File Transmission Server / FTP Security Bypass Vulnerabilityurl:https://www.cnvd.org.cn/patchinfo/show/44179

Trust: 0.6

sources: CNVD: CNVD-2014-01601

EXTERNAL IDS

db:BIDid:66049

Trust: 0.9

db:SECUNIAid:57232

Trust: 0.6

db:HITACHIid:HS14-007

Trust: 0.6

db:CNVDid:CNVD-2014-01601

Trust: 0.6

sources: CNVD: CNVD-2014-01601 // BID: 66049

REFERENCES

url:http://secunia.com/advisories/57232/

Trust: 0.6

url:http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs14-007/index.html

Trust: 0.6

url:http://www.hitachi.com/index.html

Trust: 0.3

url:http://www.hitachi.co.jp/prod/comp/soft1/global/prod/jp1/

Trust: 0.3

sources: CNVD: CNVD-2014-01601 // BID: 66049

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 66049

SOURCES

db:CNVDid:CNVD-2014-01601
db:BIDid:66049

LAST UPDATE DATE

2022-05-17T02:07:13.260000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2014-01601date:2014-03-12T00:00:00
db:BIDid:66049date:2014-03-07T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2014-01601date:2014-03-12T00:00:00
db:BIDid:66049date:2014-03-07T00:00:00