cvelistv5 - cve-2024-47549

CVE-2024-47549 (GCVE-0-2024-47549)

Vulnerability from cvelistv5

Published

2024-10-25 06:18

Modified

2024-10-25 18:32

Severity ?

7.4 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

CWE

CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax

Summary

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP response headers. Accessing a crafted URL which points to an affected product may cause malicious script executed on the web browser.

References

URL

Tags

	https://jvn.jp/en/vu/JVNVU95063136/
	https://global.sharp/products/copier/info/info_security_2024-10.html
	https://www.toshibatec.com/information/20241025_01.html

Impacted products

Vendor

Product

Version

Sharp Corporation

Sharp Digital Full-color MFPs and Monochrome MFPs

Version: see the information provided by Sharp Corporation

Toshiba Tec Corporation	e-STUDIO 908	Version: T2.12.h3.00 and earlier versions
Toshiba Tec Corporation	e-STUDIO 1058	Version: T1.01.h4.00 and earlier versions
Toshiba Tec Corporation	e-STUDIO 1208	Version: T1.01.h4.00 and earlier versions

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-47549",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-25T18:32:15.403947Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-25T18:32:25.798Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Sharp Digital Full-color MFPs and Monochrome MFPs",
          "vendor": "Sharp Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "see the information provided by Sharp Corporation"
            }
          ]
        },
        {
          "product": "e-STUDIO 908",
          "vendor": "Toshiba Tec Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "T2.12.h3.00 and earlier versions"
            }
          ]
        },
        {
          "product": "e-STUDIO 1058",
          "vendor": "Toshiba Tec Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "T1.01.h4.00 and earlier versions"
            }
          ]
        },
        {
          "product": "e-STUDIO 1208",
          "vendor": "Toshiba Tec Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "T1.01.h4.00 and earlier versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP response headers.\r\nAccessing a crafted URL which points to an affected product may cause malicious script executed on the web browser."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-644",
              "description": "Improper Neutralization of HTTP Headers for Scripting Syntax",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-25T09:02:15.707Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "url": "https://jvn.jp/en/vu/JVNVU95063136/"
        },
        {
          "url": "https://global.sharp/products/copier/info/info_security_2024-10.html"
        },
        {
          "url": "https://www.toshibatec.com/information/20241025_01.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2024-47549",
    "datePublished": "2024-10-25T06:18:42.287Z",
    "dateReserved": "2024-10-16T05:26:38.340Z",
    "dateUpdated": "2024-10-25T18:32:25.798Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-47549\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-25T18:32:15.403947Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-25T18:32:22.432Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.4, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Sharp Corporation\", \"product\": \"Sharp Digital Full-color MFPs and Monochrome MFPs\", \"versions\": [{\"status\": \"affected\", \"version\": \"see the information provided by Sharp Corporation\"}]}, {\"vendor\": \"Toshiba Tec Corporation\", \"product\": \"e-STUDIO 908\", \"versions\": [{\"status\": \"affected\", \"version\": \"T2.12.h3.00 and earlier versions\"}]}, {\"vendor\": \"Toshiba Tec Corporation\", \"product\": \"e-STUDIO 1058\", \"versions\": [{\"status\": \"affected\", \"version\": \"T1.01.h4.00 and earlier versions\"}]}, {\"vendor\": \"Toshiba Tec Corporation\", \"product\": \"e-STUDIO 1208\", \"versions\": [{\"status\": \"affected\", \"version\": \"T1.01.h4.00 and earlier versions\"}]}], \"references\": [{\"url\": \"https://jvn.jp/en/vu/JVNVU95063136/\"}, {\"url\": \"https://global.sharp/products/copier/info/info_security_2024-10.html\"}, {\"url\": \"https://www.toshibatec.com/information/20241025_01.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP response headers.\\r\\nAccessing a crafted URL which points to an affected product may cause malicious script executed on the web browser.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-644\", \"description\": \"Improper Neutralization of HTTP Headers for Scripting Syntax\"}]}], \"providerMetadata\": {\"orgId\": \"ede6fdc4-6654-4307-a26d-3331c018e2ce\", \"shortName\": \"jpcert\", \"dateUpdated\": \"2024-10-25T09:02:15.707Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-47549\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-25T18:32:25.798Z\", \"dateReserved\": \"2024-10-16T05:26:38.340Z\", \"assignerOrgId\": \"ede6fdc4-6654-4307-a26d-3331c018e2ce\", \"datePublished\": \"2024-10-25T06:18:42.287Z\", \"assignerShortName\": \"jpcert\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

cve-2024-47549

Vulnerability from jvndb

Published

2024-10-28 17:33

Modified

2024-10-28 17:33

Severity ?

9.1 (Critical) - cvssV3_0 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Summary

Multiple vulnerabilities in Sharp and Toshiba Tec MFPs

Details

MFPs (multifunction printers) provided by Sharp and Toshiba Tec Corporation contain multiple vulnerabilites listed below. <ul> <li>Out-of-bounds Read (CWE-125) <ul> <li>CVE-2024-42420</li> <li>Out-of-bounds read vulnerabilities coming from improper processing of keyword search input and improper processing of SOAP messages</li> </ul> </li> <li>Out-of-bounds Read (CWE-125) <ul> <li>CVE-2024-43424</li> <li>Out-of-bounds read vulnerability coming from improper processing of HTTP request headers</li> </ul> </li> <li>Out-of-bounds Read (CWE-125) <ul> <li>CVE-2024-45829</li> <li>Out-of-bounds read vulnerability in the web page providing data downloading, where query parameters in HTTP requests are improperly processed</li> </ul> </li> <li>Path traversal (CWE-22) <ul> <li>CVE-2024-45842</li> <li>Improper processing of URI data in HTTP PUT requests leads to path traversal vulnerability, unintended internal files may be retrieved</li> </ul> </li> <li>Improper access restriction on some configuration related APIs (CWE-749) <ul> <li>CVE-2024-47005</li> <li>Some configuration related APIs are expected to be called by administrative users only, but insufficiently restricted</li> </ul> </li> <li>Authentication Bypass Using an Alternate Path (CWE-288) <ul> <li>CVE-2024-47406</li> <li>Improper processing of HTTP authentication requests may lead to authentication bypass</li> </ul> </li> <li>Improper processing of query parameters in HTTP requests (CWE-644) <ul> <li>CVE-2024-47549</li> <li>Improper processing of query parameters of HTTP requests may allow contamination of unintended data to HTTP response headers</li> </ul> </li> <li>Reflected Cross-site Scripting (CWE-79) <ul> <li>CVE-2024-47801</li> <li>Reflected cross-site scripting vulnerability coming from improper processing of query parameters in HTTP requests</li> </ul> </li> <li>Stored Cross-site Scripting (CWE-79) <ul> <li>CVE-2024-48870</li> <li>Stored cross-site scripting vulnerability coming from improper input data validation in URI data registration</li> </ul> </li> </ul> Sharp Corporation reported these vulnerabilities to JPCERT/CC to notify users of its solution through JVN.