CVE-2022-29516

CVSS V2 High 10 CVSS V3 Critical 9.8
Description
The web console of FUJITSU Network IPCOM series (IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100, 3200, 3500), IPCOM EX2 SC(1100, 3200, 3500), IPCOM EX2 NW(1100, 3200, 3500), IPCOM EX2 DC, IPCOM EX2 DC, IPCOM EX IN(2300, 2500, 2700), IPCOM EX LB(1100, 1300, 2300, 2500, 2700), IPCOM EX SC(1100, 1300, 2300, 2500, 2700), and IPCOM EX NW(1100, 1300, 2300, 2500, 2700)) allows a remote attacker to execute an arbitrary OS command via unspecified vectors.
Overview
  • CVE ID
  • CVE-2022-29516
  • Assigner
  • vultures@jpcert.or.jp
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-05-18T15:15:10
  • Last Modified Date
  • 2022-06-01T16:58:38
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:fujitsu:ipcom_ex2_nw_1100_firmware:*:*:*:*:*:*:*:* 1 OR v01l05_nf0501
cpe:2.3:h:fujitsu:ipcom_ex2_nw_1100:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex2_nw_3500_firmware:*:*:*:*:*:*:*:* 1 OR v01l05_nf0501
cpe:2.3:h:fujitsu:ipcom_ex2_nw_3500:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex2_nw_3200_firmware:*:*:*:*:*:*:*:* 1 OR v01l05_nf0501
cpe:2.3:h:fujitsu:ipcom_ex2_nw_3200:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex2_sc_1100_firmware:*:*:*:*:*:*:*:* 1 OR v01l05_nf0501
cpe:2.3:h:fujitsu:ipcom_ex2_sc_1100:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex2_sc_3500_firmware:*:*:*:*:*:*:*:* 1 OR v01l05_nf0501
cpe:2.3:h:fujitsu:ipcom_ex2_sc_3500:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex2_sc_3200_firmware:*:*:*:*:*:*:*:* 1 OR v01l05_nf0501
cpe:2.3:h:fujitsu:ipcom_ex2_sc_3200:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex2_lb_1100_firmware:*:*:*:*:*:*:*:* 1 OR v01l05_nf0501
cpe:2.3:h:fujitsu:ipcom_ex2_lb_1100:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex2_lb_3500_firmware:*:*:*:*:*:*:*:* 1 OR v01l05_nf0501
cpe:2.3:h:fujitsu:ipcom_ex2_lb_3500:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex2_lb_3200_firmware:*:*:*:*:*:*:*:* 1 OR v01l05_nf0501
cpe:2.3:h:fujitsu:ipcom_ex2_lb_3200:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex2_in_1100_firmware:*:*:*:*:*:*:*:* 1 OR v01l05_nf0501
cpe:2.3:h:fujitsu:ipcom_ex2_in_1100:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex2_in_3200_firmware:*:*:*:*:*:*:*:* 1 OR v01l05_nf0501
cpe:2.3:h:fujitsu:ipcom_ex2_in_3200:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex2_in_3500_firmware:*:*:*:*:*:*:*:* 1 OR v01l05_nf0501
cpe:2.3:h:fujitsu:ipcom_ex2_in_3500:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex2_dc_3500_firmware:*:*:*:*:*:*:*:* 1 OR v02l21_nf0201
cpe:2.3:h:fujitsu:ipcom_ex2_dc_3500:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex2_dc_3200_firmware:*:*:*:*:*:*:*:* 1 OR v02l21_nf0201
cpe:2.3:h:fujitsu:ipcom_ex2_dc_3200:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex_in_2300_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ex_in_2300:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex_in_2500_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ex_in_2500:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex_in_2700_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ex_in_2700:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex_lb_1100_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ex_lb_1100:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex_lb_1300_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ex_lb_1300:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex_lb_2300_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ex_lb_2300:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex_lb_2500_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ex_lb_2500:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex_lb_2700_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ex_lb_2700:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex_sc_1100_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ex_sc_1100:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex_sc_1300_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ex_sc_1300:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex_sc_2300_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ex_sc_2300:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex_sc_2500_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ex_sc_2500:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex_sc_2700_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ex_sc_2700:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex_nw_1100_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ex_nw_1100:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex_nw_1300_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ex_nw_1300:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex_nw_2300_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ex_nw_2300:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex_nw_2500_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ex_nw_2500:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ex_nw_2700_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ex_nw_2700:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ve2_ls_100_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ve2_ls_100:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ve2_ls_200_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ve2_ls_200:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ve2_ls_220_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ve2_ls_220:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ve2_ls_plus_100_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ve2_ls_plus_100:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ve2_ls_plus_200_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ve2_ls_plus_200:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ve2_ls_plus_220_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ve2_ls_plus_220:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ve2_ls_plus2_200_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ve2_ls_plus2_200:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ve2_ls_plus2_220_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ve2_ls_plus2_220:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ve2_sc_100_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ve2_sc_100:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ve2_sc_200_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ve2_sc_200:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ve2_sc_220_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ve2_sc_220:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ve2_sc_plus_100_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ve2_sc_plus_100:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ve2_sc_plus_200_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ve2_sc_plus_200:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:fujitsu:ipcom_ve2_sc_plus_220_firmware:*:*:*:*:*:*:*:* 1 OR e20l33_nf1101
cpe:2.3:h:fujitsu:ipcom_ve2_sc_plus_220:-:*:*:*:*:*:*:* 0 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • COMPLETE
  • Integrity Impact
  • COMPLETE
  • Availability Impact
  • COMPLETE
  • Base Score
  • 10
  • Severity
  • HIGH
  • Exploitability Score
  • 10
  • Impact Score
  • 10
CVSS Version 3
  • Version
  • 3.1
  • Vector String
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Attack Vector
  • NETWORK
  • Attack Compatibility
  • LOW
  • Privileges Required
  • NONE
  • User Interaction
  • NONE
  • Scope
  • UNCHANGED
  • Confidentiality Impact
  • HIGH
  • Availability Impact
  • HIGH
  • Base Score
  • 9.8
  • Base Severity
  • CRITICAL
  • Exploitability Score
  • 3.9
  • Impact Score
  • 5.9
History
Created Old Value New Value Data Type Notes
2022-05-18 16:00:22 Added to TrackCVE