CVE-2023-39379
N/A
N/A
Summary
Fujitsu Software Infrastructure Manager (ISM) stores sensitive information at the product's maintenance data (ismsnap) in cleartext form. As a result, the password for the proxy server that is configured in ISM may be retrieved. Affected products and versions are as follows: Fujitsu Software Infrastructure Manager Advanced Edition V2.8.0.060, Fujitsu Software Infrastructure Manager Advanced Edition for PRIMEFLEX V2.8.0.060, and Fujitsu Software Infrastructure Manager Essential Edition V2.8.0.060.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Fujitsu Limited | Fujitsu Software Infrastructure Manager Advanced Edition | V2.8.0.060 | affected |
| Fujitsu Limited | Fujitsu Software Infrastructure Manager Advanced Edition for PRIMEFLEX | V2.8.0.060 | affected |
| Fujitsu Limited | Fujitsu Software Infrastructure Manager Essential Edition | V2.8.0.060 | affected |
Weaknesses
- Cleartext storage of sensitive information
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.