CVE-2024-47549

CVSS V2 None CVSS V3 None

Description

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP response headers. Accessing a crafted URL which points to an affected product may cause malicious script executed on the web browser.

Overview

CVE ID
CVE-2024-47549

Assigner
jpcert

Vulnerability Status
PUBLISHED

Published Version
2024-10-25T06:18:42.287Z

Last Modified Date
2024-10-25T18:32:25.798Z

Weakness Enumerations

CWE	URL
CWE-644	http://cwe.mitre.org/data/definitions/644.html

References

Reference URL	Reference Tags
https://jvn.jp/en/vu/JVNVU95063136/
https://global.sharp/products/copier/info/info_security_2024-10.html
https://www.toshibatec.com/information/20241025_01.html

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-47549
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47549

History

Created	Old Value	New Value	Data Type	Notes
2024-10-26 13:25:30				Added to TrackCVE