CVE-2024-39921

EPSS 0.19%
Published 04.09.2024 03:15:03
Last modified 13.03.2025 14:15:29
Source vultures@jpcert.or.jp
Teams watchlist Login
Open Login

Observable timing discrepancy issue exists in IPCOM EX2 Series V01L02NF0001 to V01L06NF0401, V01L20NF0001 to V01L20NF0401, V02L20NF0001 to V02L21NF0301, and IPCOM VE2 Series V01L04NF0001 to V01L06NF0112. If this vulnerability is exploited, some of the encrypted communication may be decrypted by an attacker who can obtain the contents of the communication.

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Fujitsu ≫ Ipcom Ve2 Ls 100 Firmware Version >= v01l04nf0001 <= v01l06nf0112

Fujitsu ≫ Ipcom Ve2 Ls 100 Version-

Fujitsu ≫ Ipcom Ve2 Ls 200 Firmware Version >= v01l04nf0001 <= v01l06nf0112

Fujitsu ≫ Ipcom Ve2 Ls 200 Version-

Fujitsu ≫ Ipcom Ve2 Ls 220 Firmware Version >= v01l04nf0001 <= v01l06nf0112

Fujitsu ≫ Ipcom Ve2 Ls 220 Version-

Fujitsu ≫ Ipcom Ve2 Ls Plus 100 Firmware Version >= v01l04nf0001 <= v01l06nf0112

Fujitsu ≫ Ipcom Ve2 Ls Plus 100 Version-

Fujitsu ≫ Ipcom Ve2 Ls Plus 200 Firmware Version >= v01l04nf0001 <= v01l06nf0112

Fujitsu ≫ Ipcom Ve2 Ls Plus 200 Version-

Fujitsu ≫ Ipcom Ve2 Ls Plus 220 Firmware Version >= v01l04nf0001 <= v01l06nf0112

Fujitsu ≫ Ipcom Ve2 Ls Plus 220 Version-

Fujitsu ≫ Ipcom Ve2 Ls Plus2 200 Firmware Version >= v01l04nf0001 <= v01l06nf0112

Fujitsu ≫ Ipcom Ve2 Ls Plus2 200 Version-

Fujitsu ≫ Ipcom Ve2 Ls Plus2 220 Firmware Version >= v01l04nf0001 <= v01l06nf0112

Fujitsu ≫ Ipcom Ve2 Ls Plus2 220 Version-

Fujitsu ≫ Ipcom Ve2 Sc Plus 100 Firmware Version >= v01l04nf0001 <= v01l06nf0112

Fujitsu ≫ Ipcom Ve2 Sc Plus 100 Version-

Fujitsu ≫ Ipcom Ve2 Sc Plus 200 Firmware Version >= v01l04nf0001 <= v01l06nf0112

Fujitsu ≫ Ipcom Ve2 Sc Plus 200 Version-

Fujitsu ≫ Ipcom Ve2 Sc Plus 220 Firmware Version >= v01l04nf0001 <= v01l06nf0112

Fujitsu ≫ Ipcom Ve2 Sc Plus 220 Version-

Fujitsu ≫ Ipcom Ex2 In 3200 Firmware Version >= v01l02nf0001 <= v01l06nf0401

Fujitsu ≫ Ipcom Ex2 In 3200 Version-

Fujitsu ≫ Ipcom Ex2 In 3200 Firmware Version >= v01l20nf0001 <= v01l20nf0401

Fujitsu ≫ Ipcom Ex2 In 3200 Version-

Fujitsu ≫ Ipcom Ex2 In 3200 Firmware Version >= v02l20nf0001 <= v02l21nf0301

Fujitsu ≫ Ipcom Ex2 In 3200 Version-

Fujitsu ≫ Ipcom Ex2 In 3500 Firmware Version >= v01l02nf0001 <= v01l06nf0401

Fujitsu ≫ Ipcom Ex2 In 3500 Version-

Fujitsu ≫ Ipcom Ex2 In 3500 Firmware Version >= v01l20nf0001 <= v01l20nf0401

Fujitsu ≫ Ipcom Ex2 In 3500 Version-

Fujitsu ≫ Ipcom Ex2 In 3500 Firmware Version >= v02l20nf0001 <= v02l21nf0301

Fujitsu ≫ Ipcom Ex2 In 3500 Version-

Fujitsu ≫ Ipcom Ex2 Lb 3200 Firmware Version >= v01l02nf0001 <= v01l06nf0401

Fujitsu ≫ Ipcom Ex2 Lb 3200 Version-

Fujitsu ≫ Ipcom Ex2 Lb 3200 Firmware Version >= v01l20nf0001 <= v01l20nf0401

Fujitsu ≫ Ipcom Ex2 Lb 3200 Version-

Fujitsu ≫ Ipcom Ex2 Lb 3200 Firmware Version >= v02l20nf0001 <= v02l21nf0301

Fujitsu ≫ Ipcom Ex2 Lb 3200 Version-

Fujitsu ≫ Ipcom Ex2 Lb 3500 Firmware Version >= v01l02nf0001 <= v01l06nf0401

Fujitsu ≫ Ipcom Ex2 Lb 3500 Version-

Fujitsu ≫ Ipcom Ex2 Lb 3500 Firmware Version >= v01l20nf0001 <= v01l20nf0401

Fujitsu ≫ Ipcom Ex2 Lb 3500 Version-

Fujitsu ≫ Ipcom Ex2 Lb 3500 Firmware Version >= v02l20nf0001 <= v02l21nf0301

Fujitsu ≫ Ipcom Ex2 Lb 3500 Version-

Fujitsu ≫ Ipcom Ex2 Sc 3200 Firmware Version >= v01l02nf0001 <= v01l06nf0401

Fujitsu ≫ Ipcom Ex2 Sc 3200 Version-

Fujitsu ≫ Ipcom Ex2 Sc 3200 Firmware Version >= v01l20nf0001 <= v01l20nf0401

Fujitsu ≫ Ipcom Ex2 Sc 3200 Version-

Fujitsu ≫ Ipcom Ex2 Sc 3200 Firmware Version >= v02l20nf0001 <= v02l21nf0301

Fujitsu ≫ Ipcom Ex2 Sc 3200 Version-

Fujitsu ≫ Ipcom Ex2 Sc 3500 Firmware Version >= v01l02nf0001 <= v01l06nf0401

Fujitsu ≫ Ipcom Ex2 Sc 3500 Version-

Fujitsu ≫ Ipcom Ex2 Sc 3500 Firmware Version >= v01l20nf0001 <= v01l20nf0401

Fujitsu ≫ Ipcom Ex2 Sc 3500 Version-

Fujitsu ≫ Ipcom Ex2 Sc 3500 Firmware Version >= v02l20nf0001 <= v02l21nf0301

Fujitsu ≫ Ipcom Ex2 Sc 3500 Version-

Fujitsu ≫ Ipcom Ex2 Dc 3200 Firmware Version >= v01l02nf0001 <= v01l06nf0401

Fujitsu ≫ Ipcom Ex2 Dc 3200 Version-

Fujitsu ≫ Ipcom Ex2 Dc 3200 Firmware Version >= v01l20nf0001 <= v01l20nf0401

Fujitsu ≫ Ipcom Ex2 Dc 3200 Version-

Fujitsu ≫ Ipcom Ex2 Dc 3200 Firmware Version >= v02l20nf0001 <= v02l21nf0301

Fujitsu ≫ Ipcom Ex2 Dc 3200 Version-

Fujitsu ≫ Ipcom Ex2 Dc 3500 Firmware Version >= v01l02nf0001 <= v01l06nf0401

Fujitsu ≫ Ipcom Ex2 Dc 3500 Version-

Fujitsu ≫ Ipcom Ex2 Dc 3500 Firmware Version >= v01l20nf0001 <= v01l20nf0401

Fujitsu ≫ Ipcom Ex2 Dc 3500 Version-

Fujitsu ≫ Ipcom Ex2 Dc 3500 Firmware Version >= v02l20nf0001 <= v02l21nf0301

Fujitsu ≫ Ipcom Ex2 Dc 3500 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.19%	0.409

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-203 Observable Discrepancy

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.

https://jvn.jp/en/jp/JVN29238389/

Third Party Advisory

Mitigation

https://www.fujitsu.com/jp/products/network/support/2024/ipcom-04/

Vendor Advisory

Mitigation

https://nvd.nist.gov/vuln/detail/CVE-2024-39921

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-39921

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-39921

EUVD