CVE-2019-5916

🗓️ 13 Feb 2019 18:00:00Reported by jpcertType

Input validation issue in POWER EGG allows remote attackers to execute EL expression on the serve

Reporter	Title	Published	Views	Family All 6
CVE	CVE-2019-5916	13 Feb 201918:00	–	cve
EUVD	EUVD-2019-15485	7 Oct 202500:30	–	euvd
Japan Vulnerability Notes	JVN#63860183: POWER EGG vulnerability where EL expression may be executed	5 Feb 201900:00	–	jvn
Japan Vulnerability Notes	POWER EGG vulnerability where EL expression may be executed	5 Feb 201905:09	–	jvn
NVD	CVE-2019-5916	13 Feb 201918:29	–	nvd
Prion	Input validation	13 Feb 201918:29	–	prion

[
  {
    "product": "POWER EGG",
    "vendor": "D-CIRCLE inc.",
    "versions": [
      {
        "status": "affected",
        "version": "(Ver 2.0.1, Ver 2.02 Patch 3 and earlier, Ver 2.1 Patch 4 and earlier, Ver 2.2 Patch 7 and earlier, Ver 2.3 Patch 9 and earlier, Ver 2.4 Patch 13 and earlier, Ver 2.5 Patch 12 and earlier, Ver 2.6 Patch 8 and earlier, Ver 2.7 Patch 6 and earlier, Ver 2.7 Government Edition Patch 7 and earlier, Ver 2.8 Patch 6 and earlier, Ver 2.8c Patch 5 and earlier, Ver 2.9 Patch 4 and earlier)"
      }
    ]
  }
]

Source	Link
poweregg	www.poweregg.d-circle.com/support/package/important/20190204_000780/
jvn	www.jvn.jp/en/jp/JVN63860183/index.html

13 Feb 2019 17:57Current

9.5High risk

Vulners AI Score9.5

EPSS0.00868