[Japanese]

JVNDB-2024-003068

Multiple vulnerabilities in Cente middleware

Overview

Some products in Cente middleware TCP/IP Network Series developed by DMG MORI Digital Co., LTD. and provided by NEXT Co., Ltd. contain multiple vulnerabilities listed below.

* Out-of-bounds Read caused by improper checking of the option length values in IPv6 NDP packets (CWE-125)
* Out-of-bounds Read caused by improper checking of the option length values in IPv6 headers (CWE-125)
* Generation of Predictable Identifiers (CWE-340)

DMG MORI Digital Co., LTD. reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 5.3 (Medium) [Other]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Low
The above CVSS base scores have been assigned for CVE-2024-23911

CVSS V3 Severity:
Base Metrics5.3 (Medium) [Other]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Low
The above CVSS base scores have been assigned for CVE-2024-28894

CVSS V3 Severity:
Base Metrics5.3 (Medium) [Other]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Low
The above CVSS base scores have been assigned for CVE-2024-28957
Affected Products


NEXT Co., LTD.
  • Cente IPv6 Ver.1.51 and earlier (CVE-2024-23911,CVE-2024-28894,CVE-2024-28957)
  • Cente IPv6 SNMPv2 Ver.2.30 and earlier (CVE-2024-23911,CVE-2024-28894,CVE-2024-28957)
  • Cente IPv6 SNMPv3 Ver.2.30 and earlier (CVE-2024-23911,CVE-2024-28894,CVE-2024-28957)
  • Cente TCP/IPv4 Ver.1.41 and earlier (CVE-2024-28957)
  • Cente TCP/IPv4 SNMPv2 Ver.2.30 and earlier (CVE-2024-28957)
  • Cente TCP/IPv4 SNMPv3 Ver.2.30 and earlier (CVE-2024-28957)

Impact

* An unauthenticated attacker may stop the device operations by sending a specially crafted packet (CVE-2024-23911, CVE-2024-28894)
* An unauthenticated attacker may interfere communications by predicting some packet header IDs of the device (CVE-2024-28957)
Solution

[Update the middleware]
Update the middleware to the latest version according to the information provided by the developer.
Vendor Information

NEXT Co., LTD.
CWE (What is CWE?)

  1. Out-of-bounds Read(CWE-125) [Other]
  2. Generation of Predictable Numbers or Identifiers(CWE-340) [Other]
CVE (What is CVE?)

  1. CVE-2024-28957
  2. CVE-2024-23911
  3. CVE-2024-28894
References

  1. JVN : JVNVU#94016877
Revision History

  • [2024/04/05]
      Web page was published

Date Public2024/04/04
Date First Published2024/04/05
Date Last Updated2024/04/05