Search

Find a vulnerability

Search criteria

    4 vulnerabilities by AKINDO SUSHIRO CO., LTD.

    CVE-2023-22362 (GCVE-0-2023-22362)

    Vulnerability from nvd – Published: 2023-02-13 00:00 – Updated: 2025-03-21 14:32
    VLAI
    Summary
    SUSHIRO App for Android outputs sensitive information to the log file, which may result in an attacker obtaining a credential information from the log file. Affected products/versions are as follows: SUSHIRO Ver.4.0.31, Thailand SUSHIRO Ver.1.0.0, Hong Kong SUSHIRO Ver.3.0.2, Singapore SUSHIRO Ver.2.0.0, and Taiwan SUSHIRO Ver.2.0.1
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Insertion of sensitive information into log file
    • CWE-532 - Insertion of Sensitive Information into Log File
    Assigner
    Impacted products
    Vendor Product Version
    AKINDO SUSHIRO CO., LTD. SUSHIRO App for Android Affected: SUSHIRO Ver.4.0.31, Thailand SUSHIRO Ver.1.0.0, Hong Kong SUSHIRO Ver.3.0.2, Singapore SUSHIRO Ver.2.0.0, and Taiwan SUSHIRO Ver.2.0.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T10:07:06.595Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://play.google.com/store/apps/details?id=jp.co.akindo_sushiro.sushiroapp"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://play.google.com/store/apps/details?id=th.co.akindo_sushiro.sushiroapp"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://play.google.com/store/apps/details?id=hk.co.akindo_sushiro.sushiroapp"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://play.google.com/store/apps/details?id=sg.co.akindo_sushiro.sushiroapp"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://play.google.com/store/apps/details?id=tw.co.akindo_sushiro.sushiroapp"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN84642320/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-22362",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-21T14:30:48.588374Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-532",
                    "description": "CWE-532 Insertion of Sensitive Information into Log File",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-21T14:32:31.724Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SUSHIRO App for Android",
              "vendor": "AKINDO SUSHIRO CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "SUSHIRO Ver.4.0.31, Thailand SUSHIRO Ver.1.0.0, Hong Kong SUSHIRO Ver.3.0.2, Singapore SUSHIRO Ver.2.0.0, and Taiwan SUSHIRO Ver.2.0.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "SUSHIRO App for Android outputs sensitive information to the log file, which may result in an attacker obtaining a credential information from the log file. Affected products/versions are as follows: SUSHIRO Ver.4.0.31, Thailand SUSHIRO Ver.1.0.0, Hong Kong SUSHIRO Ver.3.0.2, Singapore SUSHIRO Ver.2.0.0, and Taiwan SUSHIRO Ver.2.0.1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Insertion of sensitive information into log file",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-02-13T00:00:00.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://play.google.com/store/apps/details?id=jp.co.akindo_sushiro.sushiroapp"
            },
            {
              "url": "https://play.google.com/store/apps/details?id=th.co.akindo_sushiro.sushiroapp"
            },
            {
              "url": "https://play.google.com/store/apps/details?id=hk.co.akindo_sushiro.sushiroapp"
            },
            {
              "url": "https://play.google.com/store/apps/details?id=sg.co.akindo_sushiro.sushiroapp"
            },
            {
              "url": "https://play.google.com/store/apps/details?id=tw.co.akindo_sushiro.sushiroapp"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN84642320/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2023-22362",
        "datePublished": "2023-02-13T00:00:00.000Z",
        "dateReserved": "2022-12-28T00:00:00.000Z",
        "dateUpdated": "2025-03-21T14:32:31.724Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-22362 (GCVE-0-2023-22362)

    Vulnerability from cvelistv5 – Published: 2023-02-13 00:00 – Updated: 2025-03-21 14:32
    VLAI
    Summary
    SUSHIRO App for Android outputs sensitive information to the log file, which may result in an attacker obtaining a credential information from the log file. Affected products/versions are as follows: SUSHIRO Ver.4.0.31, Thailand SUSHIRO Ver.1.0.0, Hong Kong SUSHIRO Ver.3.0.2, Singapore SUSHIRO Ver.2.0.0, and Taiwan SUSHIRO Ver.2.0.1
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Insertion of sensitive information into log file
    • CWE-532 - Insertion of Sensitive Information into Log File
    Assigner
    Impacted products
    Vendor Product Version
    AKINDO SUSHIRO CO., LTD. SUSHIRO App for Android Affected: SUSHIRO Ver.4.0.31, Thailand SUSHIRO Ver.1.0.0, Hong Kong SUSHIRO Ver.3.0.2, Singapore SUSHIRO Ver.2.0.0, and Taiwan SUSHIRO Ver.2.0.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T10:07:06.595Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://play.google.com/store/apps/details?id=jp.co.akindo_sushiro.sushiroapp"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://play.google.com/store/apps/details?id=th.co.akindo_sushiro.sushiroapp"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://play.google.com/store/apps/details?id=hk.co.akindo_sushiro.sushiroapp"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://play.google.com/store/apps/details?id=sg.co.akindo_sushiro.sushiroapp"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://play.google.com/store/apps/details?id=tw.co.akindo_sushiro.sushiroapp"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN84642320/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-22362",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-21T14:30:48.588374Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-532",
                    "description": "CWE-532 Insertion of Sensitive Information into Log File",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-21T14:32:31.724Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SUSHIRO App for Android",
              "vendor": "AKINDO SUSHIRO CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "SUSHIRO Ver.4.0.31, Thailand SUSHIRO Ver.1.0.0, Hong Kong SUSHIRO Ver.3.0.2, Singapore SUSHIRO Ver.2.0.0, and Taiwan SUSHIRO Ver.2.0.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "SUSHIRO App for Android outputs sensitive information to the log file, which may result in an attacker obtaining a credential information from the log file. Affected products/versions are as follows: SUSHIRO Ver.4.0.31, Thailand SUSHIRO Ver.1.0.0, Hong Kong SUSHIRO Ver.3.0.2, Singapore SUSHIRO Ver.2.0.0, and Taiwan SUSHIRO Ver.2.0.1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Insertion of sensitive information into log file",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-02-13T00:00:00.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://play.google.com/store/apps/details?id=jp.co.akindo_sushiro.sushiroapp"
            },
            {
              "url": "https://play.google.com/store/apps/details?id=th.co.akindo_sushiro.sushiroapp"
            },
            {
              "url": "https://play.google.com/store/apps/details?id=hk.co.akindo_sushiro.sushiroapp"
            },
            {
              "url": "https://play.google.com/store/apps/details?id=sg.co.akindo_sushiro.sushiroapp"
            },
            {
              "url": "https://play.google.com/store/apps/details?id=tw.co.akindo_sushiro.sushiroapp"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN84642320/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2023-22362",
        "datePublished": "2023-02-13T00:00:00.000Z",
        "dateReserved": "2022-12-28T00:00:00.000Z",
        "dateUpdated": "2025-03-21T14:32:31.724Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    JVNDB-2023-000011

    Vulnerability from jvndb - Published: 2023-01-31 14:10 - Updated:2024-06-11 17:35
    Severity
    Summary
    SUSHIRO App for Android outputs sensitive information to the log file
    Details
    SUSHIRO App for Android provided by AKINDO SUSHIRO CO., LTD. outputs sensitive information to the log file (CWE-532).
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000011.html",
      "dc:date": "2024-06-11T17:35+09:00",
      "dcterms:issued": "2023-01-31T14:10+09:00",
      "dcterms:modified": "2024-06-11T17:35+09:00",
      "description": "SUSHIRO App for Android provided by AKINDO SUSHIRO CO., LTD. outputs sensitive information to the log file (CWE-532).",
      "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000011.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:akindo-sushiro:hong_kong_sushiro",
          "@product": "Hong Kong SUSHIRO",
          "@vendor": "AKINDO SUSHIRO CO., LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:akindo-sushiro:singapore_sushiro",
          "@product": "Singapore SUSHIRO",
          "@vendor": "AKINDO SUSHIRO CO., LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:akindo-sushiro:sushiro",
          "@product": "SUSHIRO",
          "@vendor": "AKINDO SUSHIRO CO., LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:akindo-sushiro:taiwan_sushiro",
          "@product": "Taiwan SUSHIRO",
          "@vendor": "AKINDO SUSHIRO CO., LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:akindo-sushiro:thailand_sushiro",
          "@product": "Thailand SUSHIRO",
          "@vendor": "AKINDO SUSHIRO CO., LTD.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": [
        {
          "@score": "4.9",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
          "@version": "2.0"
        },
        {
          "@score": "6.2",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2023-000011",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN84642320/index.html",
          "@id": "JVN#84642320",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-22362",
          "@id": "CVE-2023-22362",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-22362",
          "@id": "CVE-2023-22362",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-200",
          "@title": "Information Exposure(CWE-200)"
        }
      ],
      "title": "SUSHIRO App for Android outputs sensitive information to the log file"
    }

    JVNDB-2016-000122

    Vulnerability from jvndb - Published: 2016-06-29 14:27 - Updated:2017-05-23 14:28
    Severity
    Summary
    Sushiro App fails to verify SSL server certificates
    Details
    Sushiro App provided by AKINDO SUSHIRO CO., LTD. fails to verify SSL server certificates. Yuta Teshima of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000122.html",
      "dc:date": "2017-05-23T14:28+09:00",
      "dcterms:issued": "2016-06-29T14:27+09:00",
      "dcterms:modified": "2017-05-23T14:28+09:00",
      "description": "Sushiro App provided by AKINDO SUSHIRO CO., LTD. fails to verify SSL server certificates.\r\n\r\nYuta Teshima of Cyber Defense Institute, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000122.html",
      "sec:cpe": {
        "#text": "cpe:/a:akindo-sushiro:sushiro",
        "@product": "SUSHIRO",
        "@vendor": "AKINDO SUSHIRO CO., LTD.",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "4.0",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
          "@version": "2.0"
        },
        {
          "@score": "4.8",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2016-000122",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN30260727/index.html",
          "@id": "JVN#30260727",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4830",
          "@id": "CVE-2016-4830",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2016-4830",
          "@id": "CVE-2016-4830",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Sushiro App fails to verify SSL server certificates"
    }