CVE-2023-39379
CVE-2023-39379
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
04 Aug 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Fujitsu Software Infrastructure Manager (ISM) stores sensitive information at the product's maintenance data (ismsnap) in cleartext form. As a result, the password for the proxy server that is configured in ISM may be retrieved. Affected products and versions are as follows: Fujitsu Software Infrastructure Manager Advanced Edition V2.8.0.060, Fujitsu Software Infrastructure Manager Advanced Edition for PRIMEFLEX V2.8.0.060, and Fujitsu Software Infrastructure Manager Essential Edition V2.8.0.060.
Affected products
Fujitsu Limited · Fujitsu Software Infrastructure Manager Advanced EditionFujitsu Limited · Fujitsu Software Infrastructure Manager Advanced Edition for PRIMEFLEXFujitsu Limited · Fujitsu Software Infrastructure Manager Essential EditionWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →