Search
Find a vulnerability
Search criteria
2 vulnerabilities by sei-info
CVE-2023-49108 (GCVE-0-2023-49108)
Vulnerability from nvd – Published: 2023-12-04 05:08 – Updated: 2024-08-02 21:46
VLAI
Summary
Path traversal vulnerability exists in RakRak Document Plus Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a). If this vulnerability is exploited, arbitrary files on the server may be obtained or deleted by a user of the product with specific privileges.
Severity
No CVSS data available.
CWE
- Directory traversal
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Sumitomo Electric Information Systems Co., Ltd. | RakRak Document Plus |
Affected:
Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:46:29.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://rakrak.jp/RakDocSupport/rkspServlet"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN46895889/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RakRak Document Plus",
"vendor": "Sumitomo Electric Information Systems Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Path traversal vulnerability exists in RakRak Document Plus Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a). If this vulnerability is exploited, arbitrary files on the server may be obtained or deleted by a user of the product with specific privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Directory traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T05:08:29.398Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://rakrak.jp/RakDocSupport/rkspServlet"
},
{
"url": "https://jvn.jp/en/jp/JVN46895889/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2023-49108",
"datePublished": "2023-12-04T05:08:29.398Z",
"dateReserved": "2023-11-22T04:24:31.707Z",
"dateUpdated": "2024-08-02T21:46:29.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-49108 (GCVE-0-2023-49108)
Vulnerability from cvelistv5 – Published: 2023-12-04 05:08 – Updated: 2024-08-02 21:46
VLAI
Summary
Path traversal vulnerability exists in RakRak Document Plus Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a). If this vulnerability is exploited, arbitrary files on the server may be obtained or deleted by a user of the product with specific privileges.
Severity
No CVSS data available.
CWE
- Directory traversal
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Sumitomo Electric Information Systems Co., Ltd. | RakRak Document Plus |
Affected:
Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:46:29.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://rakrak.jp/RakDocSupport/rkspServlet"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN46895889/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RakRak Document Plus",
"vendor": "Sumitomo Electric Information Systems Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Path traversal vulnerability exists in RakRak Document Plus Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a). If this vulnerability is exploited, arbitrary files on the server may be obtained or deleted by a user of the product with specific privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Directory traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T05:08:29.398Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://rakrak.jp/RakDocSupport/rkspServlet"
},
{
"url": "https://jvn.jp/en/jp/JVN46895889/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2023-49108",
"datePublished": "2023-12-04T05:08:29.398Z",
"dateReserved": "2023-11-22T04:24:31.707Z",
"dateUpdated": "2024-08-02T21:46:29.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}