CVE-2024-27974

Cross-site request forgery vulnerability in FUJIFILM printers which implement CentreWare Internet Services or Internet Services allows a remote unauthenticated attacker to alter user information. In the case the user is an administrator, the settings such as the administrator's ID, password, etc. may be altered. As for the details of affected product names, model numbers, and versions, refer to the information provided by the vendor listed under [References].
Configurations

No configuration.

History

21 Nov 2024, 09:05

Type Values Removed Values Added
References () https://jvn.jp/en/jp/JVN34328023/ - () https://jvn.jp/en/jp/JVN34328023/ -
References () https://www.fujifilm.com/fbglobal/eng/company/news/notice/2024/0306_1_announce.html - () https://www.fujifilm.com/fbglobal/eng/company/news/notice/2024/0306_1_announce.html -

31 Oct 2024, 18:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.3
CWE CWE-352

18 Mar 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-03-18 08:15

Updated : 2024-11-21 09:05


NVD link : CVE-2024-27974

Mitre link : CVE-2024-27974

CVE.ORG link : CVE-2024-27974


JSON object : View

Products Affected

No product.

CWE
CWE-352

Cross-Site Request Forgery (CSRF)