CVE-2024-33620

HIGH

ID Link Manager/FUJITSU Software TIME CREATOR - Path Traversal

Title source: llm

Description

Absolute path traversal vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, the file contents including sensitive information on the server may be retrieved by an unauthenticated remote attacker.

References (2)

[Various Sources] https://www.fujitsu.com/jp/group/fsas/about/resources/security/2024/0617.html

[Third Party Advisory] https://jvn.jp/en/jp/JVN65171386/

Scores

CVSS v3 8.6

EPSS 0.0031

EPSS Percentile 53.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-36

Status published

Products (12)

Fsas Technologies Inc./FUJITSU Business Application ID Link Manager II V1.8 and earlier

Fsas Technologies Inc./FUJITSU Software ID Link Manager V2.0

Fsas Technologies Inc./FUJITSU Software TIME CREATOR ID Link Manager V2.3.0

Fsas Technologies Inc./FUJITSU Software TIME CREATOR ID Link Manager V2.3.1

Fsas Technologies Inc./FUJITSU Software TIME CREATOR ID Link Manager V2.4

Fsas Technologies Inc./FUJITSU Software TIME CREATOR ID Link Manager V2.5

Fsas Technologies Inc./FUJITSU Software TIME CREATOR ID Link Manager V2.6

Fsas Technologies Inc./FUJITSU Software TIME CREATOR ID Link Manager V3.0

Fsas Technologies Inc./FUJITSU Software TIME CREATOR ID Link Manager V3.0.2

Fsas Technologies Inc./FUJITSU Software TIME CREATOR ID Link Manager V3.0.2.1

... and 2 more

Published Jun 18, 2024

Tracked Since Feb 18, 2026