{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-47397", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "state": "PUBLISHED", "assignerShortName": "jpcert", "dateReserved": "2024-12-10T07:10:15.313Z", "datePublished": "2024-12-18T06:35:16.031Z", "dateUpdated": "2024-12-18T14:58:49.381Z"}, "containers": {"cna": {"affected": [{"vendor": "FXC Inc.", "product": "AE1021", "versions": [{"version": "firmware versions 2.0.10 and earlier", "status": "affected"}]}, {"vendor": "FXC Inc.", "product": "AE1021PE", "versions": [{"version": "firmware versions 2.0.10 and earlier", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "Weak authentication issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier. If this vulnerability is exploited, the authentication may be bypassed with an undocumented specific string."}], "problemTypes": [{"descriptions": [{"description": "Weak authentication", "lang": "en-US", "cweId": "CWE-1390", "type": "CWE"}]}], "references": [{"url": "https://www.fxc.jp/news/20241213"}, {"url": "https://jvn.jp/en/vu/JVNVU91084137/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "HIGH", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2024-12-18T06:35:16.031Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-12-18T14:58:36.329686Z", "id": "CVE-2024-47397", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-18T14:58:49.381Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-47397", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-12-18T14:58:36.329686Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-18T14:58:43.132Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "FXC Inc.", "product": "AE1021", "versions": [{"status": "affected", "version": "firmware versions 2.0.10 and earlier"}]}, {"vendor": "FXC Inc.", "product": "AE1021PE", "versions": [{"status": "affected", "version": "firmware versions 2.0.10 and earlier"}]}], "references": [{"url": "https://www.fxc.jp/news/20241213"}, {"url": "https://jvn.jp/en/vu/JVNVU91084137/"}], "descriptions": [{"lang": "en", "value": "Weak authentication issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier. If this vulnerability is exploited, the authentication may be bypassed with an undocumented specific string."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-1390", "description": "Weak authentication"}]}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2024-12-18T06:35:16.031Z"}}}, "cveMetadata": {"cveId": "CVE-2024-47397", "state": "PUBLISHED", "dateUpdated": "2024-12-18T14:58:49.381Z", "dateReserved": "2024-12-10T07:10:15.313Z", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "datePublished": "2024-12-18T06:35:16.031Z", "assignerShortName": "jpcert"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Weak authentication issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier. If this vulnerability is exploited, the authentication may be bypassed with an undocumented specific string."}, {"lang": "es", "value": "Existe un problema de autenticaci\u00f3n d\u00e9bil en las versiones de firmware 2.0.10 y anteriores de AE1021 y en las versiones de firmware 2.0.10 y anteriores de AE1021PE. Si se explota esta vulnerabilidad, se puede eludir la autenticaci\u00f3n con una cadena espec\u00edfica no documentada."}], "id": "CVE-2024-47397", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "vultures@jpcert.or.jp", "type": "Secondary"}]}, "published": "2024-12-18T07:15:07.847", "references": [{"source": "vultures@jpcert.or.jp", "url": "https://jvn.jp/en/vu/JVNVU91084137/"}, {"source": "vultures@jpcert.or.jp", "url": "https://www.fxc.jp/news/20241213"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1390"}], "source": "vultures@jpcert.or.jp", "type": "Secondary"}]}

{}

{}