Access Restriction Bypass in NEC Platforms Calsos CSDX and CSDJ Series Products
CVE-2018-0613

8.8HIGH

Key Information:

Vendor: Nec Platforms, Ltd.
Status: Calsos Csdx And Csdj Series Products
Vendor: CVE Published:; 26 July 2018

🔔 Create Nec Platforms, Ltd. Vulnerability Alert

What is CVE-2018-0613?

NEC Platforms Calsos CSDX and CSDJ series products suffer from a vulnerability that enables remote authenticated attackers to bypass access controls. This flaw can allow unauthorized users to perform arbitrary operations at an administrative level, potentially compromising sensitive data and system integrity. Various versions of the CSDX and CSDJ products are affected, underscoring the need for immediate attention and patching to mitigate potential exploitation.

Affected Version(s)

Calsos CSDX and CSDJ series products CSDX 1.37210411 and earlier, CSDX(P) 4.37210411 and earlier, CSDX(D) 3.37210411 and earlier, CSDX(S) 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A 03.00.00

References

https://www.necplatforms.co.jp/product/enkaku/info180702....

x_refsource_CONFIRM

http://jvn.jp/en/jp/JVN63895206/index.html

third-party-advisoryx_refsource_JVN

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 26, 2018
Vulnerability Reserved
Nov 27, 2017

CVE-2018-0613 Data

JSON