Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to create or overwrite arbitrary files and run arbitrary commands via unspecified vectors.
References
Link | Resource |
---|---|
https://jvn.jp/vu/JVNVU97997181/index.html | Third Party Advisory |
https://web-material3.yokogawa.com/1/29820/files/YSAR-20-0001-E.pdf | Vendor Advisory |
https://jvn.jp/vu/JVNVU97997181/index.html | Third Party Advisory |
https://web-material3.yokogawa.com/1/29820/files/YSAR-20-0001-E.pdf | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
History
21 Nov 2024, 05:34
Type | Values Removed | Values Added |
---|---|---|
References | () https://jvn.jp/vu/JVNVU97997181/index.html - Third Party Advisory | |
References | () https://web-material3.yokogawa.com/1/29820/files/YSAR-20-0001-E.pdf - Vendor Advisory |
Information
Published : 2020-08-05 14:15
Updated : 2024-11-21 05:34
NVD link : CVE-2020-5609
Mitre link : CVE-2020-5609
CVE.ORG link : CVE-2020-5609
JSON object : View
Products Affected
yokogawa
- centum_vp
- b\/m9000vp_firmware
- centum_vp_firmware
- b\/m9000cs
- centum_cs_3000
- b\/m9000cs_firmware
- centum_cs_3000_firmware
- b\/m9000vp
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')