Lucene search

[email protected]NVD:CVE-2023-43825

HistorySep 27, 2023 - 3:19 p.m.

CVE-2023-43825

2023-09-2715:19:34

CWE-22

[email protected]

web.nvd.nist.gov

vulnerability

shihonkanri plus

arbitrary code

backup file

local attacker

relative path traversal

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

22.8%

JSON

Relative path traversal vulnerability in Shihonkanri Plus Ver9.0.3 and earlier allows a local attacker to execute an arbitrary code by having a legitimate user import a specially crafted backup file of the product…

Affected configurations

Nvd

Node

ekakinshihonkanri_plusRange≤9.0.3

VendorProductVersionCPE
ekakinshihonkanri_plus*cpe:2.3:a:ekakin:shihonkanri_plus:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ekakin	shihonkanri_plus	*	cpe:2.3:a:ekakin:shihonkanri_plus::::::::

References

ekakin.la.coocan.jp/index.htm

jvn.jp/en/jp/JVN17434995/

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

22.8%

JSON

Related for NVD:CVE-2023-43825

jvn1 cvelist1 cve1 prion1