Lucene search
Japan Vulnerability NotesJVN:97751842HistoryMay 09, 2024 - 12:00 a.m.
JVN#97751842: Multiple vulnerabilities in MosP kintai kanri
2024-05-0900:00:00
Japan Vulnerability Notes
jvn.jp
7
mosp kintai kanri
esmind llc
path traversal
incorrect permission assignment
update software
MosP kintai kanri provided by esMind, LLC contains multiple vulnerabilities listed below.
Path Traversal (CWE-22) CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Base Score 6.5 CVE-2024-28880Incorrect Permission Assignment for Critical Resource (CWE-732) CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Base Score 6.5 CVE-2024-29078
Impact
- A remote attacker who can log in to the product may obtain sensitive information of the product (CVE-2024-28880)
- A remote unauthenticated attacker with access to the product may alter the product settings (CVE-2024-29078)
Solution
Update the software
Update the software to the latest version according to the information provided by the developer.
Products Affected
- MosP kintai kanri V4.6.6 and earlier versions
Related
cve
cve
CVE-2024-28880
2024-05-28 00:15:08
CVE-2024-29078
2024-05-28 00:15:08
vulnrichment
vulnrichment
CVE-2024-28880
2024-05-27 23:50:58
cvelist
cvelist
CVE-2024-28880
2024-05-27 23:50:58
CVE-2024-29078
2024-05-27 23:52:11
nvd
nvd
CVE-2024-28880
2024-05-28 00:15:08
CVE-2024-29078
2024-05-28 00:15:08