Refine your search
2 vulnerabilities found for MATCHA SNS by ICZ Corporation
jvndb-2015-000146
Vulnerability from jvndb
Published
2015-09-30 15:05
Modified
2015-10-08 15:25
Summary
MATCHA SNS access restriction bypass vulnerability
Details
MATCHA SNS provided by ICZ Corporation is an SNS software.
MATCHA SNS contains an access restriction bypass vulnerability.
Shoji Baba reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000146.html",
"dc:date": "2015-10-08T15:25+09:00",
"dcterms:issued": "2015-09-30T15:05+09:00",
"dcterms:modified": "2015-10-08T15:25+09:00",
"description": "MATCHA SNS provided by ICZ Corporation is an SNS software. \r\nMATCHA SNS contains an access restriction bypass vulnerability.\r\n\r\nShoji Baba reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000146.html",
"sec:cpe": {
"#text": "cpe:/a:icz:matchasns",
"@product": "MATCHA SNS",
"@vendor": "ICZ Corporation",
"@version": "2.2"
},
"sec:cvss": {
"@score": "5.5",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2015-000146",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN85118545/index.html",
"@id": "JVN#85118545",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5645",
"@id": "CVE-2015-5645",
"@source": "CVE"
},
{
"#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5645",
"@id": "CVE-2015-5645",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-264",
"@title": "Permissions(CWE-264)"
}
],
"title": "MATCHA SNS access restriction bypass vulnerability"
}
jvndb-2015-000145
Vulnerability from jvndb
Published
2015-09-30 15:05
Modified
2015-10-08 15:25
Summary
MATCHA SNS vulnerable to code injection
Details
MATCHA SNS provided by ICZ Corporation is an SNS software. MATCHA SNS contains a code injection (CWE-94) vulnerability due to a flaw when configuring the database during installation.
Shoji Baba reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000145.html",
"dc:date": "2015-10-08T15:25+09:00",
"dcterms:issued": "2015-09-30T15:05+09:00",
"dcterms:modified": "2015-10-08T15:25+09:00",
"description": "MATCHA SNS provided by ICZ Corporation is an SNS software. MATCHA SNS contains a code injection (CWE-94) vulnerability due to a flaw when configuring the database during installation.\r\n\r\nShoji Baba reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000145.html",
"sec:cpe": {
"#text": "cpe:/a:icz:matchasns",
"@product": "MATCHA SNS",
"@vendor": "ICZ Corporation",
"@version": "2.2"
},
"sec:cvss": {
"@score": "5.1",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2015-000145",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN08535069/index.html",
"@id": "JVN#08535069",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5644",
"@id": "CVE-2015-5644",
"@source": "CVE"
},
{
"#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5644",
"@id": "CVE-2015-5644",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-94",
"@title": "Code Injection(CWE-94)"
}
],
"title": "MATCHA SNS vulnerable to code injection"
}