{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T18:56:19.099","vulnerabilities":[{"cve":{"id":"CVE-2024-39771","sourceIdentifier":"vultures@jpcert.or.jp","published":"2024-08-28T06:15:06.233","lastModified":"2024-10-28T21:35:11.267","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"QBiC CLOUD CC-2L v1.1.30 and earlier and Safie One v1.8.2 and earlier do not properly validate certificates, which may allow a network-adjacent unauthenticated attacker to obtain and/or alter communications of the affected product via a man-in-the-middle attack."},{"lang":"es","value":"QBiC CLOUD CC-2L v1.1.30 y anteriores y Safie One v1.8.2 y anteriores no validan correctamente los certificados, lo que puede permitir que un atacante no autenticado adyacente a la red obtenga y/o altere las comunicaciones del producto afectado a través de un hombre en el ataque medio."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":5.2},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":4.2,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":2.5}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-295"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:safie:qbic_cloud_cc-2\\/2l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.1.30","matchCriteriaId":"3A3C118D-323A-4B01-B087-4DF3A39B1675"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:safie:qbic_cloud_cc-2\\/2l:-:*:*:*:*:*:*:*","matchCriteriaId":"EC20C277-A222-419E-B7E3-FEBCD82F2A2C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:safie:safie_one_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.8.2","matchCriteriaId":"DAC335D0-E445-4BB4-BA97-1997E9668F9C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:safie:safie_one:-:*:*:*:*:*:*:*","matchCriteriaId":"8D2B8980-597F-4EA6-AE7D-94689201F187"}]}]}],"references":[{"url":"https://jvn.jp/en/jp/JVN83440451/","source":"vultures@jpcert.or.jp","tags":["Third Party Advisory"]},{"url":"https://safie.jp/information/post_6933/","source":"vultures@jpcert.or.jp","tags":["Vendor Advisory"]}]}}]}