|
[Japanese]
|
JVNDB-2024-011256
|
Multiple vulnerabilities in Sharp and Toshiba Tec MFPs
|
|
MFPs (multifunction printers) provided by Sharp and Toshiba Tec Corporation contain multiple vulnerabilites listed below.
- Out-of-bounds Read (CWE-125)
- CVE-2024-42420
- Out-of-bounds read vulnerabilities coming from improper processing of keyword search input and improper processing of SOAP messages
- Out-of-bounds Read (CWE-125)
- CVE-2024-43424
- Out-of-bounds read vulnerability coming from improper processing of HTTP request headers
- Out-of-bounds Read (CWE-125)
- CVE-2024-45829
- Out-of-bounds read vulnerability in the web page providing data downloading, where query parameters in HTTP requests are improperly processed
- Path traversal (CWE-22)
- CVE-2024-45842
- Improper processing of URI data in HTTP PUT requests leads to path traversal vulnerability, unintended internal files may be retrieved
- Improper access restriction on some configuration related APIs (CWE-749)
- CVE-2024-47005
- Some configuration related APIs are expected to be called by administrative users only, but insufficiently restricted
- Authentication Bypass Using an Alternate Path (CWE-288)
- CVE-2024-47406
- Improper processing of HTTP authentication requests may lead to authentication bypass
- Improper processing of query parameters in HTTP requests (CWE-644)
- CVE-2024-47549
- Improper processing of query parameters of HTTP requests may allow contamination of unintended data to HTTP response headers
- Reflected Cross-site Scripting (CWE-79)
- CVE-2024-47801
- Reflected cross-site scripting vulnerability coming from improper processing of query parameters in HTTP requests
- Stored Cross-site Scripting (CWE-79)
- CVE-2024-48870
- Stored cross-site scripting vulnerability coming from improper input data validation in URI data registration
Sharp Corporation reported these vulnerabilities to JPCERT/CC to notify users of its solution through JVN.
|
|
CVSS V3 Severity:
Base Metrics 9.1 (Critical) [Other]
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: High
The above CVSS base scores have been assigned for CVE-2024-47406
|
CVSS V3 Severity:
Base Metrics:8.1 (High) [Other]
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: None
The above CVSS base scores have been assigned for CVE-2024-47005
|
CVSS V3 Severity:
Base Metrics:7.5 (High) [Other]
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
The above CVSS base scores have been assigned for CVE-2024-42420, CVE-2024-43424
|
CVSS V3 Severity:
Base Metrics:7.4 (High) [Other]
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: None
The above CVSS base scores have been assigned for CVE-2024-47549, CVE-2024-47801
|
CVSS V3 Severity:
Base Metrics:6.2 (Medium) [Other]
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: High
- User Interaction: Required
- Scope: Changed
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: None
The above CVSS base scores have been assigned for CVE-2024-48870
|
CVSS V3 Severity:
Base Metrics:5.3 (Medium) [Other]
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Confidentiality Impact: None
- Integrity Impact: Low
- Availability Impact: None
The above CVSS base scores have been assigned for CVE-2024-45842
|
CVSS V3 Severity:
Base Metrics:4.9 (Medium) [Other]
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: High
- User Interaction: None
- Scope: Unchanged
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
The above CVSS base scores have been assigned for CVE-2024-45829
|
|
|
Sharp Corporation
TOSHIBA TEC
|
As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed below.
|
|
* Crafted HTTP requests may cause affected products crashed (CVE-2024-42420, CVE-2024-43424, CVE-2024-45829)
* Internal files may be retrieved when processing crafted HTTP requests (CVE-2024-45842)
* A non-administrative user may execute some configuration APIs (CVE-2024-47005)
* Authentication may be bypassed (CVE-2024-47406)
* Accessing a crafted URL which points to an affected product may cause malicious script executed on the web browser (CVE-2024-47549, CVE-2024-47801)
* If crafted input is stored by an administrative user, malicious script may be executed on the web browsers of other victim users (CVE-2024-48870)
|
|
[Update the firmware]
Apply the appropriate firmware update according to the information provided by the respective vendors.
[Apply workaround]
* Use the affected MFPs inside the network protected by firewall, etc.
* Set the administrative password (an initial password is set in the factory-default configuration, see the manual of the product)
* Change the administrative password from the initial configuration, and manage it appropriately
|
|
Sharp Corporation
TOSHIBA TEC
|
|
- Out-of-bounds Read(CWE-125) [Other]
- Path Traversal(CWE-22) [Other]
- Authentication Bypass Using an Alternate Path or Channel(CWE-288) [Other]
- Improper Neutralization of HTTP Headers for Scripting Syntax(CWE-644) [Other]
- Exposed Dangerous Method or Function(CWE-749) [Other]
- Cross-site Scripting(CWE-79) [Other]
|
|
- CVE-2024-42420
- CVE-2024-43424
- CVE-2024-45829
- CVE-2024-45842
- CVE-2024-47005
- CVE-2024-47406
- CVE-2024-47549
- CVE-2024-47801
- CVE-2024-48870
|
|
- JVN : JVNVU#95063136
|
|
- [2024/10/28]
Web page was published
|
