CVE-2023-4094— Weak authentication vulnerability in Fujitsu Arconte Áurea

CVSS 6.5 · Medium EPSS 0.10% · P28 Updated Jan 25, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-4094

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Weak authentication vulnerability in Fujitsu Arconte Áurea

Source: NVD (National Vulnerability Database)

Vulnerability Description

ARCONTE Aurea's authentication system, in its 1.5.0.0 version, could allow an attacker to make incorrect access requests in order to block each legitimate account and cause a denial of service. In addition, a resource has been identified that could allow circumventing the attempt limit set in the login form.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Source: NVD (National Vulnerability Database)

Vulnerability Type

CWE-1390

Source: NVD (National Vulnerability Database)

Vulnerability Title

Fujitsu Arconte Áurea 授权问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Fujitsu Arconte Áurea是日本富士通（Fujitsu）公司的一个视图记录系统。 Fujitsu Arconte Áurea 1.5.0.0之前版本存在安全漏洞。攻击者利用该漏洞发出错误的访问请求，以阻止每个合法帐户并导致拒绝服务。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Fujitsu	Arconte Áurea	0 ~ 1.5.0.0	-

II. Public POCs for CVE-2023-4094

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2023-4094

请登录查看更多情报信息。

Same Patch Batch · Fujitsu · 2023-09-19 · 5 CVEs total

CVE-2023-4092	8.8 HIGH	SQL injection vulnerability in Fujitsu Arconte Áurea
CVE-2023-4096	8.6 HIGH	Weak password recovery mechanism vulnerability in Fujitsu Arconte Áurea
CVE-2023-4093	5.5 MEDIUM	Reflected and persistent XSS vulnerability in Fujitsu Arconte Áurea
CVE-2023-4095	5.3 MEDIUM	User enumeration vulnerability in Fujitsu Arconte Áurea

IV. Related Vulnerabilities

Same product: Arconte Áurea

Same vendor: Fujitsu

Same weakness: CWE-1390

V. Comments for CVE-2023-4094

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2023-4094— Weak authentication vulnerability in Fujitsu Arconte Áurea

I. Basic Information for CVE-2023-4094

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2023-4094

III. Intelligence Information for CVE-2023-4094

Same Patch Batch · Fujitsu · 2023-09-19 · 5 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2023-4094

Leave a comment