Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-39379

Fujitsu Software Infrastructure Manager (ISM) stores sensitive information at the product's maintenance data (ismsnap) in cleartext form. As a result, the password for the proxy server that is configured in ISM may be retrieved. Affected products and versions are as follows: Fujitsu Software Infrastructure Manager Advanced Edition V2.8.0.060, Fujitsu Software Infrastructure Manager Advanced Edition for PRIMEFLEX V2.8.0.060, and Fujitsu Software Infrastructure Manager Essential Edition V2.8.0.060.

Published

2023-08-04T10:15:09.870

Last Modified

2024-11-21T08:15:16.917

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
CWE-312

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	fujitsu	software_infrastructure_manager	2.8.0.060	Yes
Application	fujitsu	software_infrastructure_manager	2.8.0.060	Yes
Application	fujitsu	software_infrastructure_manager	2.8.0.060	Yes

References

https://jvn.jp/en/jp/JVN38847224/ Third Party Advisory ([email protected])
https://support.ts.fujitsu.com/IndexProdSecurity.asp?lng=en Product ([email protected])
https://jvn.jp/en/jp/JVN38847224/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://support.ts.fujitsu.com/IndexProdSecurity.asp?lng=en Product (af854a3a-2127-422b-91ae-364da2661108)