Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for nablarch by nablarch_project

    CVE-2019-5919 (GCVE-0-2019-5919)

    Vulnerability from nvd – Published: 2019-03-12 21:00 – Updated: 2024-08-04 20:09
    VLAI
    Summary
    An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • An incomplete cryptography
    Assigner
    References
    URL Tags
    https://nablarch.atlassian.net/browse/NAB-313 x_refsource_MISC
    http://jvn.jp/en/jp/JVN56542712/index.html third-party-advisoryx_refsource_JVN
    Impacted products
    Vendor Product Version
    TIS Inc. Nablarch 5 Affected: Nablarch 5, and 5u1 to 5u13
    Create a notification for this product.
    Date Public
    2019-03-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:09:23.661Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://nablarch.atlassian.net/browse/NAB-313"
              },
              {
                "name": "JVN#56542712",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN56542712/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Nablarch 5",
              "vendor": "TIS Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Nablarch 5, and 5u1 to 5u13"
                }
              ]
            }
          ],
          "datePublic": "2019-03-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "An incomplete cryptography",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-03-12T20:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://nablarch.atlassian.net/browse/NAB-313"
            },
            {
              "name": "JVN#56542712",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN56542712/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2019-5919",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Nablarch 5",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Nablarch 5, and 5u1 to 5u13"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "TIS Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "An incomplete cryptography"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://nablarch.atlassian.net/browse/NAB-313",
                  "refsource": "MISC",
                  "url": "https://nablarch.atlassian.net/browse/NAB-313"
                },
                {
                  "name": "JVN#56542712",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN56542712/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2019-5919",
        "datePublished": "2019-03-12T21:00:00.000Z",
        "dateReserved": "2019-01-10T00:00:00.000Z",
        "dateUpdated": "2024-08-04T20:09:23.661Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5918 (GCVE-0-2019-5918)

    Vulnerability from nvd – Published: 2019-03-12 21:00 – Updated: 2024-08-04 20:09
    VLAI
    Summary
    Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • XML external entities (XXE)
    Assigner
    References
    URL Tags
    https://nablarch.atlassian.net/projects/NAB/issue… x_refsource_MISC
    http://jvn.jp/en/jp/JVN56542712/index.html third-party-advisoryx_refsource_JVN
    Impacted products
    Vendor Product Version
    TIS Inc. Nablarch 5 Affected: Nablarch 5, and 5u1 to 5u13
    Create a notification for this product.
    Date Public
    2019-03-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:09:23.807Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://nablarch.atlassian.net/projects/NAB/issues/NAB-295"
              },
              {
                "name": "JVN#56542712",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN56542712/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Nablarch 5",
              "vendor": "TIS Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Nablarch 5, and 5u1 to 5u13"
                }
              ]
            }
          ],
          "datePublic": "2019-03-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "XML external entities (XXE)",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-03-12T20:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://nablarch.atlassian.net/projects/NAB/issues/NAB-295"
            },
            {
              "name": "JVN#56542712",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN56542712/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2019-5918",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Nablarch 5",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Nablarch 5, and 5u1 to 5u13"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "TIS Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "XML external entities (XXE)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://nablarch.atlassian.net/projects/NAB/issues/NAB-295",
                  "refsource": "MISC",
                  "url": "https://nablarch.atlassian.net/projects/NAB/issues/NAB-295"
                },
                {
                  "name": "JVN#56542712",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN56542712/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2019-5918",
        "datePublished": "2019-03-12T21:00:00.000Z",
        "dateReserved": "2019-01-10T00:00:00.000Z",
        "dateUpdated": "2024-08-04T20:09:23.807Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5918 (GCVE-0-2019-5918)

    Vulnerability from cvelistv5 – Published: 2019-03-12 21:00 – Updated: 2024-08-04 20:09
    VLAI
    Summary
    Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • XML external entities (XXE)
    Assigner
    References
    URL Tags
    https://nablarch.atlassian.net/projects/NAB/issue… x_refsource_MISC
    http://jvn.jp/en/jp/JVN56542712/index.html third-party-advisoryx_refsource_JVN
    Impacted products
    Vendor Product Version
    TIS Inc. Nablarch 5 Affected: Nablarch 5, and 5u1 to 5u13
    Create a notification for this product.
    Date Public
    2019-03-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:09:23.807Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://nablarch.atlassian.net/projects/NAB/issues/NAB-295"
              },
              {
                "name": "JVN#56542712",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN56542712/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Nablarch 5",
              "vendor": "TIS Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Nablarch 5, and 5u1 to 5u13"
                }
              ]
            }
          ],
          "datePublic": "2019-03-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "XML external entities (XXE)",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-03-12T20:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://nablarch.atlassian.net/projects/NAB/issues/NAB-295"
            },
            {
              "name": "JVN#56542712",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN56542712/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2019-5918",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Nablarch 5",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Nablarch 5, and 5u1 to 5u13"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "TIS Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "XML external entities (XXE)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://nablarch.atlassian.net/projects/NAB/issues/NAB-295",
                  "refsource": "MISC",
                  "url": "https://nablarch.atlassian.net/projects/NAB/issues/NAB-295"
                },
                {
                  "name": "JVN#56542712",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN56542712/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2019-5918",
        "datePublished": "2019-03-12T21:00:00.000Z",
        "dateReserved": "2019-01-10T00:00:00.000Z",
        "dateUpdated": "2024-08-04T20:09:23.807Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5919 (GCVE-0-2019-5919)

    Vulnerability from cvelistv5 – Published: 2019-03-12 21:00 – Updated: 2024-08-04 20:09
    VLAI
    Summary
    An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • An incomplete cryptography
    Assigner
    References
    URL Tags
    https://nablarch.atlassian.net/browse/NAB-313 x_refsource_MISC
    http://jvn.jp/en/jp/JVN56542712/index.html third-party-advisoryx_refsource_JVN
    Impacted products
    Vendor Product Version
    TIS Inc. Nablarch 5 Affected: Nablarch 5, and 5u1 to 5u13
    Create a notification for this product.
    Date Public
    2019-03-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:09:23.661Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://nablarch.atlassian.net/browse/NAB-313"
              },
              {
                "name": "JVN#56542712",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN56542712/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Nablarch 5",
              "vendor": "TIS Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Nablarch 5, and 5u1 to 5u13"
                }
              ]
            }
          ],
          "datePublic": "2019-03-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "An incomplete cryptography",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-03-12T20:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://nablarch.atlassian.net/browse/NAB-313"
            },
            {
              "name": "JVN#56542712",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN56542712/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2019-5919",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Nablarch 5",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Nablarch 5, and 5u1 to 5u13"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "TIS Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "An incomplete cryptography"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://nablarch.atlassian.net/browse/NAB-313",
                  "refsource": "MISC",
                  "url": "https://nablarch.atlassian.net/browse/NAB-313"
                },
                {
                  "name": "JVN#56542712",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN56542712/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2019-5919",
        "datePublished": "2019-03-12T21:00:00.000Z",
        "dateReserved": "2019-01-10T00:00:00.000Z",
        "dateUpdated": "2024-08-04T20:09:23.661Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }