Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

1 vulnerability found for SKYMEC IT Manager by Sky Co., LTD.

JVNDB-2026-000051

Vulnerability from jvndb - Published: 2026-04-20 14:47 - Updated:2026-04-20 14:47
Severity ?
7.8 (High) - cvssV3_0 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
SKYSEA Client View and SKYMEC IT Manager improper file access permission settings
Details
SKYSEA Client View and SKYMEC IT Manager provided by Sky Co.,LTD. are Enterprise IT Asset Management Tools. SKYSEA Client View and SKYMEC IT Manager contain the following vulnerability.
  • Incorrect default permissions in the installation folder (CWE-276) - CVE-2026-39454
Takashi Matsumoto of NEC Corporation reported this vulnerability to Sky Co.,LTD. and coordinated. After the coordination was completed, Sky Co.,LTD. reported the case to JPCERT/CC to notify users of the solution through JVN.
References
Impacted products
Show details on JVN DB website
To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-000051.html",
  "dc:date": "2026-04-20T14:47+09:00",
  "dcterms:issued": "2026-04-20T14:47+09:00",
  "dcterms:modified": "2026-04-20T14:47+09:00",
  "description": "SKYSEA Client View and SKYMEC IT Manager provided by Sky Co.,LTD. are Enterprise IT Asset Management Tools.\r\nSKYSEA Client View and SKYMEC IT Manager contain the following vulnerability.\u003ca href=\u0027https://cwe.mitre.org/data/definitions/276.html\u0027 target=\u0027_blank\u0027\u003e\u003c/a\u003e\u003cul\u003e\u003cli\u003eIncorrect default permissions in the installation folder (CWE-276) - CVE-2026-39454\u003c/li\u003e\u003c/ul\u003eTakashi Matsumoto of NEC Corporation reported this vulnerability to Sky Co.,LTD. and coordinated. After the coordination was completed, Sky Co.,LTD. reported the case to JPCERT/CC to notify users of the solution through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-000051.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:skygroup:skymec_it_manager",
      "@product": "SKYMEC IT Manager",
      "@vendor": "Sky Co., LTD.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:skygroup:skysea_client_view",
      "@product": "SKYSEA Client View",
      "@vendor": "Sky Co., LTD.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "7.8",
    "@severity": "High",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2026-000051",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN63376363/index.html",
      "@id": "JVN#63376363",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2026-39454",
      "@id": "CVE-2026-39454",
      "@source": "CVE"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "SKYSEA Client View and SKYMEC IT Manager improper file access permission settings"
}