Vulnerabilites related to T&D Corporation - T&D Data Server and THERMO RECORDER DATA SERVER
CVE-2022-29509 (GCVE-0-2022-29509)
Vulnerability from cvelistv5
Published
2022-06-14 07:05
Modified
2024-08-03 06:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Directory traversal
Summary
Directory traversal vulnerability in T&D Data Server (Japanese Edition) Ver.2.22 and earlier, T&D Data Server (English Edition) Ver.2.30 and earlier, THERMO RECORDER DATA SERVER (Japanese Edition) Ver.2.13 and earlier, and THERMO RECORDER DATA SERVER (English Edition) Ver.2.13 and earlier allows a remote attacker to view an arbitrary file on the server via unspecified vectors.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| T&D Corporation | T&D Data Server and THERMO RECORDER DATA SERVER |
Version: T&D Data Server (Japanese Edition) Ver.2.22 and earlier, T&D Data Server (English Edition) Ver.2.30 and earlier, THERMO RECORDER DATA SERVER (Japanese Edition) Ver.2.13 and earlier, and THERMO RECORDER DATA SERVER (English Edition) Ver.2.13 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:26:05.979Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tandd.com/news/detail.html?id=696"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tandd.co.jp/news/detail.html?id=522"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN28659051/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "T\u0026D Data Server and THERMO RECORDER DATA SERVER",
"vendor": "T\u0026D Corporation",
"versions": [
{
"status": "affected",
"version": "T\u0026D Data Server (Japanese Edition) Ver.2.22 and earlier, T\u0026D Data Server (English Edition) Ver.2.30 and earlier, THERMO RECORDER DATA SERVER (Japanese Edition) Ver.2.13 and earlier, and THERMO RECORDER DATA SERVER (English Edition) Ver.2.13 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in T\u0026D Data Server (Japanese Edition) Ver.2.22 and earlier, T\u0026D Data Server (English Edition) Ver.2.30 and earlier, THERMO RECORDER DATA SERVER (Japanese Edition) Ver.2.13 and earlier, and THERMO RECORDER DATA SERVER (English Edition) Ver.2.13 and earlier allows a remote attacker to view an arbitrary file on the server via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Directory traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-14T07:05:42",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tandd.com/news/detail.html?id=696"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tandd.co.jp/news/detail.html?id=522"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN28659051/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-29509",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "T\u0026D Data Server and THERMO RECORDER DATA SERVER",
"version": {
"version_data": [
{
"version_value": "T\u0026D Data Server (Japanese Edition) Ver.2.22 and earlier, T\u0026D Data Server (English Edition) Ver.2.30 and earlier, THERMO RECORDER DATA SERVER (Japanese Edition) Ver.2.13 and earlier, and THERMO RECORDER DATA SERVER (English Edition) Ver.2.13 and earlier"
}
]
}
}
]
},
"vendor_name": "T\u0026D Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in T\u0026D Data Server (Japanese Edition) Ver.2.22 and earlier, T\u0026D Data Server (English Edition) Ver.2.30 and earlier, THERMO RECORDER DATA SERVER (Japanese Edition) Ver.2.13 and earlier, and THERMO RECORDER DATA SERVER (English Edition) Ver.2.13 and earlier allows a remote attacker to view an arbitrary file on the server via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Directory traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tandd.com/news/detail.html?id=696",
"refsource": "MISC",
"url": "https://tandd.com/news/detail.html?id=696"
},
{
"name": "https://www.tandd.co.jp/news/detail.html?id=522",
"refsource": "MISC",
"url": "https://www.tandd.co.jp/news/detail.html?id=522"
},
{
"name": "https://jvn.jp/en/jp/JVN28659051/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN28659051/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-29509",
"datePublished": "2022-06-14T07:05:42",
"dateReserved": "2022-05-06T00:00:00",
"dateUpdated": "2024-08-03T06:26:05.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}