Lucene search

Japan Vulnerability NotesJVN:96209256

HistoryNov 13, 2023 - 12:00 a.m.

JVN#96209256: Multiple vulnerabilities in Pleasanter

2023-11-1300:00:00

Japan Vulnerability Notes

jvn.jp

pleasanter

implem inc.

cross-site scripting

access control

open redirect

authentication bypass

update

cve-2023-34439

cve-2023-45210

cve-2023-46688

cve-2023-41890

version 1.3.48.0

version 1.3.47.0

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

6.8 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

51.3%

JSON

Pleasanter provided by Implem Inc. contains multiple vulnerabilities listed below.

Stored cross-site scripting vulnerability (CWE-79) - CVE-2023-34439

Version	Vector	Score
CVSS v3	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N	Base Score: 5.4
CVSS v2	AV:N/AC:M/Au:S/C:N/I:P/A:N	Base Score: 3.5

Improper access control vulnerability (CWE-284) - CVE-2023-45210

Version	Vector	Score
CVSS v3	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N	Base Score: 3.5
CVSS v2	AV:N/AC:M/Au:S/C:P/I:N/A:N	Base Score: 3.5

Open redirect vulnerability (CWE-601) - CVE-2023-46688

Version	Vector	Score
CVSS v3	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N	Base Score: 3.4
CVSS v2	AV:N/AC:H/Au:N/C:N/I:P/A:N	Base Score: 2.6

Authentication bypass vulnerability by SAML (CWE-289) - CVE-2023-41890
This issue is caused by a vulnerability in Sustainsys.Saml2 library used in the product.

Version	Vector	Score
CVSS v3	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N	Base Score: 5.9
CVSS v2	AV:N/AC:M/Au:N/C:N/I:P/A:N	Base Score: 4.3

Impact

An arbitrary script may be executed on the user’s web browser - CVE-2023-34439
A user may view the temporary files uploaded by other users that are not permitted to access - CVE-2023-45210
When accessing a specially crafted URL under certain conditions, the user may be redirected to an arbitrary website - CVE-2023-46688
A remote attacker may impersonate a legitimate user, and log in to the system that uses the product - CVE-2019-5966

Solution

Update the Software
Update the software to the latest version according to the information provided by the developer.
The developer has released the following versions that contain fixes for the vulnerabilities.

CVE-2023-34439, CVE-2023-45210, CVE-2023-46688

Pleasanter 1.3.48.0
CVE-2023-41890
Pleasanter 1.3.47.0

Products Affected

CVE-2023-34439, CVE-2023-45210, CVE-2023-46688

Pleasanter 1.3.47.0 and earlier versions
CVE-2023-41890
Pleasanter 1.3.46.1 and earlier versions which use SAML (Security Assertion Markup Language) authentication
The developer states that the product’s both Community Edition and Enterprise Edition are affected.

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

6.8 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

51.3%

JSON

Related for JVN:96209256