1+ <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
2+ < html xmlns ="http://www.w3.org/1999/xhtml " xml:lang ="ja " lang ="ja " style ="overflow-x:hidden ">
3+ < head >
4+ < meta http-equiv ="Content-Type " value ="text/html; charset=Shift_JIS ">
5+ < title > JVNDB-2018-013542 - JVN iPedia - 脆弱性対策情報データベース</ title >
6+
7+ < meta name ="Keywords " value ="脆弱性対策情報データベース ">
8+ < meta name ="Description " value ="脆弱性対策情報データベース ">
9+ < meta http-equiv ="X-UA-Compatible " value ="IE=edge, requiresActiveX=true ">
10+ < meta http-equiv ="Content-Script-Type " value ="text/javascript ">
11+ < meta http-equiv ="Content-Style-Type " value ="text/css ">
12+
13+ < link href ="https://jvndb.jvn.jp/common/css/master.css " rel ="stylesheet " type ="text/css " media ="screen,print ">
14+ < link media ="all " href ="https://jvndb.jvn.jp/common/css/provide.css " type ="text/css " rel ="stylesheet ">
15+ < link href ="https://jvndb.jvn.jp/common/css/font.css " rel ="stylesheet " type ="text/css " media ="screen,print ">
16+ < link href ="https://jvndb.jvn.jp/common/css/print.css " rel ="stylesheet " type ="text/css " media ="print ">
17+ < link href ="https://jvndb.jvn.jp/common/css/rightmenu.css " rel ="stylesheet " type ="text/css " media ="screen,print ">
18+
19+
20+ </ head >
21+ < body >
22+ < a name ="top " id ="top "> </ a >
23+
24+ < div id ="wrapper ">
25+
26+
27+ < div id ="header ">
28+ < div class ="logo "> < a href ="https://jvndb.jvn.jp/ "> < img height ="60 " alt ="JVN iPedia - 脆弱性対策情報データベース " src ="https://jvndb.jvn.jp/common/img/logo.gif " width ="490 " border ="0 "> </ a > </ div >
29+ < div class ="modifytxt "> 最終更新日:2019/02/22</ div >
30+ < div class ="modifytxt "> </ div >
31+ </ div >
32+ < div id ="head-bar ">
33+ < a href ="https://jvndb.jvn.jp/nav/guide_sysadm.html "> 【活用ガイド】</ a >
34+ </ div >
35+
36+
37+
38+ < div id ="mainarea ">
39+
40+ < div id ="leftarea ">
41+ < div class ="contents ">
42+ < div id ="news-list ">
43+ < br >
44+ < table class ="vuln_table_clase ">
45+
46+ < tr > < td colspan ="2 ">
47+ < h2 > < font face ="arial, geneva, helvetica "> JVNDB-2018-013542</ font > </ h2 >
48+ </ td > </ tr >
49+
50+ < tr > < td colspan ="2 ">
51+ < h2 > NETWAVE MNG6200 デバイスにおける証明書・パスワードの管理に関する脆弱性</ h2 >
52+ </ td > </ tr >
53+
54+ < tr > < td class ="vuln_table_clase_td_header " colspan ="2 ">
55+ < a name ="overview "> 概要</ a >
56+ </ td > </ tr >
57+ < tr > < td colspan ="2 ">
58+ < br >
59+ < blockquote >
60+ NETWAVE MNG6200 デバイスには、証明書・パスワードの管理に関する脆弱性が存在します。
61+ </ blockquote >
62+ </ td > </ tr >
63+ < tr > < td class ="vuln_table_clase_td_header " colspan ="2 ">
64+ < a name ="cvss "> CVSS による深刻度</ a > (< a href ="https://jvndb.jvn.jp/nav/jvndbhelp.html#jvndb3 " target ="_blank "> CVSS とは?</ a > )
65+ </ td > </ tr >
66+ < tr > < td colspan ="2 ">
67+ < br >
68+ < div style ="margin: 20px 40px; ">
69+ < div class ="clearfix ">
70+ < div class ="float_left ">
71+ < b > CVSS v3 による深刻度< br > 基本値: < a href ="https://jvndb.jvn.jp/cvss/ja/v3.html#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H " target ="_blank "> 9.8</ a > (緊急) [NVD値]</ b >
72+ < ul >
73+ < li > 攻撃元区分: ネットワーク</ li >
74+ < li > 攻撃条件の複雑さ: 低</ li >
75+ < li > 攻撃に必要な特権レベル: 不要</ li >
76+ < li > 利用者の関与: 不要</ li >
77+ < li > 影響の想定範囲: 変更なし</ li >
78+ < li > 機密性への影響(C): 高</ li >
79+ < li > 完全性への影響(I): 高</ li >
80+ < li > 可用性への影響(A): 高</ li >
81+ </ ul >
82+ </ div >
83+ < div class ="float_left ">
84+ < b > CVSS v2 による深刻度< br > 基本値: < a href ="https://jvndb.jvn.jp/cvss/ja/v2.html#AV:N/AC:L/Au:N/C:P/I:N/A:N " target ="_blank "> 5.0</ a > (警告) [NVD値]</ b >
85+ < ul >
86+ < li > 攻撃元区分: ネットワーク</ li >
87+ < li > 攻撃条件の複雑さ: 低</ li >
88+ < li > 攻撃前の認証要否: 不要</ li >
89+ < li > 機密性への影響(C): 部分的</ li >
90+ < li > 完全性への影響(I): なし</ li >
91+ < li > 可用性への影響(A): なし</ li >
92+ </ ul >
93+ </ div >
94+ </ div >
95+ < div style ="margin-top:20px ">
96+
97+ </ div >
98+ </ div >
99+ </ td > </ tr >
100+
101+ < tr > < td class ="vuln_table_clase_td_header " colspan ="2 ">
102+ < a name ="affect "> 影響を受けるシステム</ a >
103+ </ td > </ tr >
104+
105+ < tr > < td colspan ="2 ">
106+ < br >
107+ < blockquote >
108+
109+ </ blockquote >
110+ </ td > </ tr >
111+
112+ < tr > < td colspan ="2 ">
113+ < br >
114+ < blockquote >
115+ NETWAVE Networks, Inc.
116+ < ul >
117+ < li > MNG6200 ファームウェア C4835805jrc12FU121413.cpr</ li >
118+ </ ul >
119+ </ blockquote >
120+ </ td > </ tr >
121+
122+ < tr > < td colspan ="2 ">
123+ < br >
124+ < blockquote >
125+
126+ </ blockquote >
127+ </ td > </ tr >
128+
129+ < tr > < td class ="vuln_table_clase_td_header " colspan ="2 ">
130+ < a name ="impact "> 想定される影響</ a >
131+ </ td > </ tr >
132+
133+ < tr > < td colspan ="2 ">
134+ < br >
135+ < blockquote >
136+ 情報を取得される、情報を改ざんされる、およびサービス運用妨害 (DoS) 状態にされる可能性があります。
137+ </ blockquote >
138+ </ td > </ tr >
139+
140+ < tr > < td class ="vuln_table_clase_td_header " colspan ="2 ">
141+ < a name ="solution "> 対策</ a >
142+ </ td > </ tr >
143+
144+ < tr > < td colspan ="2 ">
145+ < br >
146+ < blockquote >
147+ 参考情報を参照して適切な対策を実施してください。
148+ </ blockquote >
149+ </ td > </ tr >
150+
151+ < tr > < td class ="vuln_table_clase_td_header " colspan ="2 ">
152+ < a name ="venderinf "> ベンダ情報</ a >
153+ </ td > </ tr >
154+
155+ < tr > < td colspan ="2 ">
156+ < br >
157+ < blockquote >
158+ </ blockquote >
159+ </ td > </ tr >
160+
161+
162+ < tr > < td class ="vuln_table_clase_td_header " colspan ="2 ">
163+ < a name ="cwe "> CWEによる脆弱性タイプ一覧</ a >   < a href ="http://www.ipa.go.jp/security/vuln/CWE.html " target ="_blank "> CWEとは?</ a >
164+ </ td > </ tr >
165+
166+
167+ < tr > < td colspan ="2 ">
168+ < br >
169+ < blockquote >
170+ < ol >
171+ < li > < a href ="https://jvndb.jvn.jp/ja/cwe/CWE-255.html " target ="_blank "> 証明書・パスワードの管理(CWE-255)</ a > [NVD評価]</ li >
172+ </ ol >
173+ </ blockquote >
174+ </ td > </ tr >
175+
176+
177+ < tr > < td class ="vuln_table_clase_td_header " colspan ="2 ">
178+ < a name ="cve "> 共通脆弱性識別子(CVE)</ a >   < a href ="http://www.ipa.go.jp/security/vuln/CVE.html " target ="_blank "> CVEとは?</ a >
179+ </ td > </ tr >
180+
181+ < tr > < td colspan ="2 ">
182+ < br >
183+ < blockquote >
184+ < ol >
185+ < li > < a href ="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20395 " target ="_blank "> CVE-2018-20395</ a > </ li >
186+ </ ol >
187+ </ blockquote >
188+ </ td > </ tr >
189+
190+
191+ < tr > < td class ="vuln_table_clase_td_header " colspan ="2 ">
192+ < a name ="reference "> 参考情報</ a >
193+ </ td > </ tr >
194+
195+ < tr > < td colspan ="2 ">
196+ < br >
197+ < blockquote >
198+ < ol >
199+ < li > National Vulnerability Database (NVD) : < a href ="https://nvd.nist.gov/vuln/detail/CVE-2018-20395 " target ="_blank "> CVE-2018-20395</ a > </ li >
200+ < li > 関連文書 : < a href ="https://github.com/ezelf/sensitivesOids/blob/master/oidpassswordleaks.csv " target ="_blank "> sensitivesOids/oidpassswordleaks.csv</ a > </ li >
201+ </ ol >
202+ </ blockquote >
203+ </ td > </ tr >
204+
205+ < tr > < td class ="vuln_table_clase_td_header " colspan ="2 ">
206+ < a name ="history "> 更新履歴</ a >
207+ </ td > </ tr >
208+ < tr > < td colspan ="2 ">
209+ < br >
210+ < blockquote >
211+ < ul style ="list-style-type: none ">
212+ < li > [2019年02月22日]< br >
213+   掲載</ li >
214+ </ ul >
215+ </ blockquote >
216+ < br >
217+ </ td > </ tr >
218+ </ table >
219+ < table class ="vuln_table_clase_footer ">
220+ < tr > < td colspan ="2 "> < hr > </ td > </ tr >
221+ < tr > < td class ="vuln_table_clase_date_header_td "> 公表日</ td > < td > 2018/12/23</ td > </ tr >
222+ < tr > < td class ="vuln_table_clase_date_header_td "> 登録日</ td > < td > 2019/02/22</ td > </ tr >
223+ < tr > < td class ="vuln_table_clase_date_header_td "> 最終更新日</ td > < td > 2019/02/22</ td > </ tr >
224+ < tr > < td colspan ="2 "> < hr > </ td > </ tr >
225+ </ table >
226+ </ div >
227+ </ div >
228+ </ div >
229+ < div id ="rightarea ">
230+ < div id ="navi ">
231+ < ul >
232+ < li > < img width ="150 " height ="50 " border ="0 " src ="https://jvndb.jvn.jp/common/img/t_rnav_jvn.gif " alt ="JVN "> </ li >
233+ < li > < a onmouseout ="MM_swapImgRestore() " onmouseover ="MM_swapImage('Image1','','/common/img/r_nav_1_f2.gif',1) " href ="http://jvn.jp/ "> < img width ="150 " height ="27 " border ="0 " name ="Image1 " src ="https://jvndb.jvn.jp/common/img/r_nav_1.gif " alt ="HOME " id ="Image1 "> </ a > </ li >
234+ < li > < a onmouseout ="MM_swapImgRestore() " onmouseover ="MM_swapImage('Image2','','/common/img/r_nav_2_f2.gif',1) " href ="http://jvn.jp/nav/jvn.html "> < img width ="150 " height ="27 " border ="0 " name ="Image2 " src ="https://jvndb.jvn.jp/common/img/r_nav_2.gif " alt ="JVNとは " id ="Image2 "> </ a > </ li >
235+ < li > < a onmouseout ="MM_swapImgRestore() " onmouseover ="MM_swapImage('Image3','','/common/img/r_nav_3_f2.gif',1) " href ="http://jvn.jp/nav/jvnhelp.html "> < img width ="150 " height ="27 " border ="0 " name ="Image3 " src ="https://jvndb.jvn.jp/common/img/r_nav_3.gif " alt ="脆弱性レポートの読み方 " id ="Image3 "> </ a > </ li >
236+ < li > < a onmouseout ="MM_swapImgRestore() " onmouseover ="MM_swapImage('Image4','','/common/img/r_nav_4_f2.gif',1) " href ="http://jvn.jp/report/index.html "> < img width ="150 " height ="27 " border ="0 " name ="Image4 " src ="https://jvndb.jvn.jp/common/img/r_nav_4.gif " alt ="脆弱性レポート一覧 " id ="Image4 "> </ a > </ li >
237+ < li > < a onmouseout ="MM_swapImgRestore() " onmouseover ="MM_swapImage('Image41','','/common/img/r_nav_4_1_f2.gif',1) " href ="http://jvn.jp/jp/index.html "> < img width ="150 " height ="20 " border ="0 " name ="Image41 " src ="https://jvndb.jvn.jp/common/img/r_nav_4_1.gif " alt ="VN_JP " id ="Image41 "> </ a > </ li >
238+ < li > < a onmouseout ="MM_swapImgRestore() " onmouseover ="MM_swapImage('Image44','','/common/img/r_nav_4_4_f2.gif',1) " href ="http://jvn.jp/adj/index.html "> < img width ="150 " height ="20 " border ="0 " name ="Image44 " src ="https://jvndb.jvn.jp/common/img/r_nav_4_4.gif " alt ="VN_JP 連絡不能 " id ="Image44 "> </ a > </ li >
239+ < li > < a onmouseout ="MM_swapImgRestore() " onmouseover ="MM_swapImage('Image42','','/common/img/r_nav_4_2_f2.gif',1) " href ="http://jvn.jp/vu/index.html "> < img width ="150 " height ="20 " border ="0 " name ="Image42 " src ="https://jvndb.jvn.jp/common/img/r_nav_4_2.gif " alt ="VN_VU " id ="Image42 "> </ a > </ li >
240+ < li > < a onmouseout ="MM_swapImgRestore() " onmouseover ="MM_swapImage('Image43','','/common/img/r_nav_4_3_f2.gif',1) " href ="http://jvn.jp/ta/index.html "> < img width ="150 " height ="20 " border ="0 " name ="Image43 " src ="https://jvndb.jvn.jp/common/img/r_nav_4_3.gif " alt ="TA " id ="Image43 "> </ a > </ li >
241+ < li > < a onmouseout ="MM_swapImgRestore() " onmouseover ="MM_swapImage('Image5','','/common/img/r_nav_5_f2.gif',1) " href ="http://jvn.jp/tr/index.html "> < img width ="150 " height ="27 " border ="0 " name ="Image5 " src ="https://jvndb.jvn.jp/common/img/r_nav_5.gif " alt ="TRnotes " id ="Image5 "> </ a > </ li >
242+ < li > < a href ="https://jvndb.jvn.jp/index.html " onmouseout ="MM_swapImgRestore() " onmouseover ="MM_swapImage('Image10','','/common/img/r_nav_10_f2.gif',1) "> < img width ="150 " height ="27 " border ="0 " name ="Image10 " src ="https://jvndb.jvn.jp/common/img/r_nav_10.gif " alt ="JVN iPedia - 脆弱性対策情報データベース " id ="Image10 "> </ a > </ li >
243+ < li > < a href ="https://jvndb.jvn.jp/search/index.php?mode=_vulnerability_search_IA_VulnSearch&lang=ja " onmouseout ="MM_swapImgRestore() " onmouseover ="MM_swapImage('Image01','','/common/img/r_nav_10_1_f2.gif',1) "> < img width ="150 " height ="20 " border ="0 " name ="Image01 " src ="https://jvndb.jvn.jp/common/img/r_nav_10_1.gif " alt ="脆弱性対策情報データベース検索 " id ="Image01 "> </ a > </ li >
244+ < li > < a href ="https://jvndb.jvn.jp/nav/jvndb.html " onmouseout ="MM_swapImgRestore() " onmouseover ="MM_swapImage('Image02','','/common/img/r_nav_10_2_f2.gif',1) "> < img width ="150 " height ="20 " border ="0 " name ="Image02 " src ="https://jvndb.jvn.jp/common/img/r_nav_10_2.gif " alt ="JVN iPediaとは " id ="Image02 "> </ a > </ li >
245+ < li > < a href ="https://jvndb.jvn.jp/nav/jvndbhelp.html " onmouseout ="MM_swapImgRestore() " onmouseover ="MM_swapImage('Image03','','/common/img/r_nav_10_3_f2.gif',1) "> < img width ="150 " height ="20 " border ="0 " name ="Image03 " src ="https://jvndb.jvn.jp/common/img/r_nav_10_3.gif " alt ="使い方 " id ="Image03 "> </ a > </ li >
246+ < li > < a href ="https://jvndb.jvn.jp/apis/myjvn/index.html " onmouseout ="MM_swapImgRestore() " onmouseover ="MM_swapImage('Image04','','/common/img/r_nav_10_4_f2.gif',1) "> < img width ="150 " height ="20 " border ="0 " name ="Image04 " src ="https://jvndb.jvn.jp/common/img/r_nav_10_4.gif " alt ="MyJVN " id ="Image04 "> </ a > </ li >
247+ < li > < a onmouseout ="MM_swapImgRestore() " onmouseover ="MM_swapImage('Image6','','/common/img/r_nav_6_f2.gif',1) " href ="http://jvn.jp/rss/index.html "> < img width ="150 " height ="27 " border ="0 " name ="Image6 " src ="https://jvndb.jvn.jp/common/img/r_nav_6.gif " alt ="JVNJS/RSS " id ="Image6 "> </ a > </ li >
248+ < li > < a onmouseout ="MM_swapImgRestore() " onmouseover ="MM_swapImage('Image7','','/common/img/r_nav_7_f2.gif',1) " href ="http://jvn.jp/nav/index.html "> < img width ="150 " height ="27 " border ="0 " name ="Image7 " src ="https://jvndb.jvn.jp/common/img/r_nav_7.gif " alt ="ベンダ情報一覧 " id ="Image7 "> </ a > </ li >
249+ < li > < a onmouseout ="MM_swapImgRestore() " onmouseover ="MM_swapImage('Image11','','/common/img/r_nav_11_f2.gif',1) " href ="http://jvn.jp/reply/index.html "> < img width ="150 " height ="27 " border ="0 " name ="Image11 " src ="https://jvndb.jvn.jp/common/img/r_nav_11.gif " alt ="連絡不能開発者一覧 " id ="Image11 "> </ a > </ li >
250+ < li > < a onmouseout ="MM_swapImgRestore() " onmouseover ="MM_swapImage('Image8','','/common/img/r_nav_8_f2.gif',1) " target ="ipasecurity " href ="http://www.ipa.go.jp/security/vuln/report/ "> < img width ="150 " height ="27 " border ="0 " name ="Image8 " src ="https://jvndb.jvn.jp/common/img/r_nav_8.gif " alt ="脆弱性情報の届出 " id ="Image8 "> </ a > </ li >
251+ < li > < a onmouseout ="MM_swapImgRestore() " onmouseover ="MM_swapImage('Image9','','/common/img/r_nav_9_f2.gif',1) " href ="http://jvn.jp/contact/index.html "> < img width ="150 " height ="27 " border ="0 " name ="Image9 " src ="https://jvndb.jvn.jp/common/img/r_nav_9.gif " alt ="お問合せ先 " id ="Image9 "> </ a > </ li >
252+ </ ul >
253+ < br >
254+ < a href ="http://cve.mitre.org/compatible/compatible.html#j " target ="cvecompatible "> < img src ="https://jvndb.jvn.jp/common/img/comp_compatible.gif " alt ="CVE互換 " id ="Image99 " name ="Image99 " border ="0 " height ="50 " width ="145 "> </ a >
255+ </ div >
256+
257+
258+ </ div >
259+ </ div >
260+ < div id ="footer ">
261+ < div class ="footertext "> < img src ="https://jvndb.jvn.jp/common/img/copyright.png " alt ="Copyright © 2007- IPA. All rights reserved. "> </ div >
262+ </ div >
263+ </ div >
264+ </ body >
265+ </ html >
0 commit comments