Access Restriction Bypass in Calsos CSDJ Products by NEC
CVE-2021-20653

5.3MEDIUM

Key Information:

Vendor: Nec Platforms, Ltd.
Status: Calsos Csdj
Vendor: CVE Published:; 17 February 2021

🔔 Create Nec Platforms, Ltd. Vulnerability Alert

What is CVE-2021-20653?

The vulnerability in Calsos CSDJ products allows remote attackers to bypass access restrictions, enabling unauthorized access to sensitive historical data. This flaw affects multiple versions of the CSDJ product line, posing a significant risk of information leaks. Attackers can exploit unspecified vectors to gain access even without the necessary privileges, highlighting the importance of updating affected systems to protect against potential data compromise.

Affected Version(s)

Calsos CSDJ CSDJ-B 01.08.00 and earlier, CSDJ-H 01.08.00 and earlier, CSDJ-D 01.08.00 and earlier, and CSDJ-A 03.08.00 and earlier

References

https://jpn.nec.com/security-info/secinfo/nv21-006.html

x_refsource_MISC

https://jvn.jp/en/jp/JVN87164507/index.html

x_refsource_MISC

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 17, 2021
Vulnerability Reserved
Dec 17, 2020

CVE-2021-20653 Data

JSON