CVE-2023-39341

Published Aug 9, 2023

Last updated a year ago

CVSS low 3.3

Overview

Description: "FFRI yarai", "FFRI yarai Home and Business Edition" and their OEM products handle exceptional conditions improperly, which may lead to denial-of-service (DoS) condition. Affected products and versions are as follows: FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0, FFRI yarai Home and Business Edition version 1.4.0, InfoTrace Mark II Malware Protection (Mark II Zerona) versions 3.0.1 to 3.2.2, Zerona / Zerona PLUS versions 3.2.32 to 3.2.36, ActSecure χ versions 3.4.0 to 3.4.6 and 3.5.0, Dual Safe Powered by FFRI yarai version 1.4.1, EDR Plus Pack (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0), and EDR Plus Pack Cloud (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0).
Source: vultures@jpcert.or.jp
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 3.3
Impact score: 1.4
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Severity: LOW

Weaknesses

nvd@nist.gov: CWE-755

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ffri:dual_safe:1.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20EF112B-225F-4880-B7A0-6C4AE9945E2D"
          },
          {
            "criteria": "cpe:2.3:a:ffri:ffri_yarai:*:*:*:*:-:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A44E7B03-2512-498B-9D21-38B19A97A336",
            "versionEndIncluding": "3.4.6",
            "versionStartIncluding": "3.4.0"
          },
          {
            "criteria": "cpe:2.3:a:ffri:ffri_yarai:1.4.0:*:*:*:home_and_business:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4AFD814C-9F3F-4E56-A24F-5650A171E3E9"
          },
          {
            "criteria": "cpe:2.3:a:ffri:ffri_yarai:3.5.0:*:*:*:-:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41317723-07EF-4911-B340-9D32B71F897C"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:soliton:infotrace_mark_ii_malware_protection:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB0991A6-F9EA-4ABD-BAEB-DD39EF595291",
            "versionEndIncluding": "3.2.2",
            "versionStartIncluding": "3.0.1"
          },
          {
            "criteria": "cpe:2.3:a:soliton:zerona:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E74EF415-FD34-44F9-B77C-1A221E29C73F",
            "versionEndIncluding": "3.2.36",
            "versionStartIncluding": "3.2.32"
          },
          {
            "criteria": "cpe:2.3:a:soliton:zerona_plus:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F55621CC-7C6C-4837-92EC-AE7A52260D17",
            "versionEndIncluding": "3.2.36",
            "versionStartIncluding": "3.2.32"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:nec:actsecure_x_managed_security_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4419A375-07A3-4AC9-8DF7-3EB6AE6E6BC6",
            "versionEndIncluding": "3.4.6",
            "versionStartIncluding": "3.4.0"
          },
          {
            "criteria": "cpe:2.3:a:nec:actsecure_x_managed_security_service:3.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "78EEA207-0F94-4DA9-AF86-8507571D378A"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:skygroup:edr_plus_pack:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "862B4D6B-D084-4393-8B96-108F676BADA3",
            "versionEndIncluding": "3.4.6",
            "versionStartIncluding": "3.4.0"
          },
          {
            "criteria": "cpe:2.3:a:skygroup:edr_plus_pack:3.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D3D3C5F-A7D1-428C-8A27-A10062C53FF2"
          },
          {
            "criteria": "cpe:2.3:a:skygroup:edr_plus_pack_cloud:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20F70879-2C78-47E4-AE0B-B4EAD74D1C4C",
            "versionEndIncluding": "3.4.6",
            "versionStartIncluding": "3.4.0"
          },
          {
            "criteria": "cpe:2.3:a:skygroup:edr_plus_pack_cloud:3.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CF54F00-D3EA-4E54-8590-8CA0BD37FF17"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References