Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for rakrak_document_plus by sei-info

    CVE-2023-49108 (GCVE-0-2023-49108)

    Vulnerability from nvd – Published: 2023-12-04 05:08 – Updated: 2024-08-02 21:46
    VLAI
    Summary
    Path traversal vulnerability exists in RakRak Document Plus Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a). If this vulnerability is exploited, arbitrary files on the server may be obtained or deleted by a user of the product with specific privileges.
    Severity
    No CVSS data available.
    CWE
    • Directory traversal
    Assigner
    Impacted products
    Vendor Product Version
    Sumitomo Electric Information Systems Co., Ltd. RakRak Document Plus Affected: Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T21:46:29.150Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://rakrak.jp/RakDocSupport/rkspServlet"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN46895889/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "RakRak Document Plus",
              "vendor": "Sumitomo Electric Information Systems Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Path traversal vulnerability exists in RakRak Document Plus Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a). If this vulnerability is exploited, arbitrary files on the server may be obtained or deleted by a user of the product with specific privileges."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Directory traversal",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-04T05:08:29.398Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://rakrak.jp/RakDocSupport/rkspServlet"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN46895889/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2023-49108",
        "datePublished": "2023-12-04T05:08:29.398Z",
        "dateReserved": "2023-11-22T04:24:31.707Z",
        "dateUpdated": "2024-08-02T21:46:29.150Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-49108 (GCVE-0-2023-49108)

    Vulnerability from cvelistv5 – Published: 2023-12-04 05:08 – Updated: 2024-08-02 21:46
    VLAI
    Summary
    Path traversal vulnerability exists in RakRak Document Plus Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a). If this vulnerability is exploited, arbitrary files on the server may be obtained or deleted by a user of the product with specific privileges.
    Severity
    No CVSS data available.
    CWE
    • Directory traversal
    Assigner
    Impacted products
    Vendor Product Version
    Sumitomo Electric Information Systems Co., Ltd. RakRak Document Plus Affected: Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T21:46:29.150Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://rakrak.jp/RakDocSupport/rkspServlet"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN46895889/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "RakRak Document Plus",
              "vendor": "Sumitomo Electric Information Systems Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Path traversal vulnerability exists in RakRak Document Plus Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a). If this vulnerability is exploited, arbitrary files on the server may be obtained or deleted by a user of the product with specific privileges."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Directory traversal",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-04T05:08:29.398Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://rakrak.jp/RakDocSupport/rkspServlet"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN46895889/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2023-49108",
        "datePublished": "2023-12-04T05:08:29.398Z",
        "dateReserved": "2023-11-22T04:24:31.707Z",
        "dateUpdated": "2024-08-02T21:46:29.150Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }