CVSS: 8.8EPSS: 0%CPEs: 48EXPL: 0CVE-2023-39547
https://notcve.org/view.php?id=CVE-2023-39547
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command. CLUSTERPRO X Ver5.1 y anteriores y EXPRESSCLUSTER X 5.1 y anteriores, CLUSTERPRO X SingleServerSafe 5.0 y anteriores, EXPRESSCLUSTER X SingleServerSafe 5.0 y anteriores permiten que un atacante inicie sesión en el producto y pueda ejecutar un comando arbitrario. • https://jpn.nec.com/security-info/secinfo/nv23-009_en.html • CWE-294: Authentication Bypass by Capture-replay •
CVSS: 8.8EPSS: 0%CPEs: 52EXPL: 0CVE-2023-39546
https://notcve.org/view.php?id=CVE-2023-39546
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command. CLUSTERPRO X Ver5.1 y anteriores y EXPRESSCLUSTER X 5.1 y anteriores, CLUSTERPRO X SingleServerSafe 5.0 y anteriores, EXPRESSCLUSTER X SingleServerSafe 5.0 y anteriores permiten que un atacante inicie sesión en el producto y pueda ejecutar un comando arbitrario. • https://jpn.nec.com/security-info/secinfo/nv23-009_en.html • CWE-836: Use of Password Hash Instead of Password for Authentication •
CVSS: 8.8EPSS: 0%CPEs: 52EXPL: 0CVE-2023-39545
https://notcve.org/view.php?id=CVE-2023-39545
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command. CLUSTERPRO X Ver5.1 y anteriores y EXPRESSCLUSTER X 5.1 y anteriores, CLUSTERPRO X SingleServerSafe 5.0 y anteriores, EXPRESSCLUSTER X SingleServerSafe 5.0 y anteriores permiten que un atacante inicie sesión en el producto y pueda ejecutar un comando arbitrario. • https://jpn.nec.com/security-info/secinfo/nv23-009_en.html • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 8.8EPSS: 0%CPEs: 52EXPL: 0CVE-2023-39544
https://notcve.org/view.php?id=CVE-2023-39544
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command. CLUSTERPRO X Ver5.1 y anteriores y EXPRESSCLUSTER X 5.1 y anteriores, CLUSTERPRO X SingleServerSafe 5.0 y anteriores, EXPRESSCLUSTER X SingleServerSafe 5.0 y anteriores permiten que un atacante inicie sesión en el producto y pueda ejecutar un comando arbitrario. • https://jpn.nec.com/security-info/secinfo/nv23-009_en.html • CWE-862: Missing Authorization •
CVSS: 3.3EPSS: 0%CPEs: 13EXPL: 0CVE-2023-39341
https://notcve.org/view.php?id=CVE-2023-39341
"FFRI yarai", "FFRI yarai Home and Business Edition" and their OEM products handle exceptional conditions improperly, which may lead to denial-of-service (DoS) condition. Affected products and versions are as follows: FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0, FFRI yarai Home and Business Edition version 1.4.0, InfoTrace Mark II Malware Protection (Mark II Zerona) versions 3.0.1 to 3.2.2, Zerona / Zerona PLUS versions 3.2.32 to 3.2.36, ActSecure χ versions 3.4.0 to 3.4.6 and 3.5.0, Dual Safe Powered by FFRI yarai version 1.4.1, EDR Plus Pack (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0), and EDR Plus Pack Cloud (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0). • https://jvn.jp/en/jp/JVN42527152 https://www.ffri.jp/security-info/index.htm https://www.skyseaclientview.net/news/230807_01 https://www.soliton.co.jp/support/zerona_notice_2023.html https://www.sourcenext.com/support/i/2023/230718_01 https://www.support.nec.co.jp/View.aspx?id=3140109240 • CWE-755: Improper Handling of Exceptional Conditions •