Search criteria

1 vulnerability by sei-info

CVE-2023-49108 (GCVE-0-2023-49108)

Vulnerability from cvelistv5 – Published: 2023-12-04 05:08 – Updated: 2024-08-02 21:46
VLAI
Summary
Path traversal vulnerability exists in RakRak Document Plus Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a). If this vulnerability is exploited, arbitrary files on the server may be obtained or deleted by a user of the product with specific privileges.
Severity
No CVSS data available.
CWE
  • Directory traversal
Assigner
References
Impacted products
Vendor Product Version
Sumitomo Electric Information Systems Co., Ltd. RakRak Document Plus Affected: Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:46:29.150Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://rakrak.jp/RakDocSupport/rkspServlet"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jvn.jp/en/jp/JVN46895889/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "RakRak Document Plus",
          "vendor": "Sumitomo Electric Information Systems Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Path traversal vulnerability exists in RakRak Document Plus Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a). If this vulnerability is exploited, arbitrary files on the server may be obtained or deleted by a user of the product with specific privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Directory traversal",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-04T05:08:29.398Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "url": "https://rakrak.jp/RakDocSupport/rkspServlet"
        },
        {
          "url": "https://jvn.jp/en/jp/JVN46895889/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2023-49108",
    "datePublished": "2023-12-04T05:08:29.398Z",
    "dateReserved": "2023-11-22T04:24:31.707Z",
    "dateUpdated": "2024-08-02T21:46:29.150Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}