Vulnerability-Lookup - Search a vulnerability

Refine your search

Product

Sort by

Order

Sources

1 vulnerability found for JB Inquiry form by Jubei Inc.

jvndb-2023-000034

Vulnerability from jvndb

Published

2023-04-14 15:48

Modified

2024-05-29 16:44

Severity ?

5.3 (Medium) - cvssV3_0 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Summary

JB Inquiry form vulnerable to exposure of private personal information to an unauthorized actor

Details

JB Inquiry form provided by Jubei Inc. contains an exposure of private personal information to an unauthorized actor vulnerability (CWE-359). Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

References

Type

URL

	JVN	https://jvn.jp/en/jp/JVN36340790/index.html
	CVE	https://www.cve.org/CVERecord?id=CVE-2023-27510
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-27510
	Information Exposure(CWE-200)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Jubei Inc.	JB Inquiry Form
	Jubei Inc.	JB Inquiry Form
	Jubei Inc.	JB Inquiry Form
	Jubei Inc.	JB Inquiry Form

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000034.html",
  "dc:date": "2024-05-29T16:44+09:00",
  "dcterms:issued": "2023-04-14T15:48+09:00",
  "dcterms:modified": "2024-05-29T16:44+09:00",
  "description": "JB Inquiry form provided by Jubei Inc. contains an exposure of private personal information to an unauthorized actor vulnerability (CWE-359).\r\n\r\nYuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000034.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:jubei:jb_inquiry_form",
      "@product": "JB Inquiry Form",
      "@vendor": "Jubei Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:jubei:jb_inquiry_form",
      "@product": "JB Inquiry Form",
      "@vendor": "Jubei Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:jubei:jb_inquiry_form",
      "@product": "JB Inquiry Form",
      "@vendor": "Jubei Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:jubei:jb_inquiry_form",
      "@product": "JB Inquiry Form",
      "@vendor": "Jubei Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": [
    {
      "@score": "5.0",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
      "@version": "2.0"
    },
    {
      "@score": "5.3",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2023-000034",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN36340790/index.html",
      "@id": "JVN#36340790",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-27510",
      "@id": "CVE-2023-27510",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-27510",
      "@id": "CVE-2023-27510",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-200",
      "@title": "Information Exposure(CWE-200)"
    }
  ],
  "title": "JB Inquiry form vulnerable to exposure of private personal information to an unauthorized actor"
}