JVNDB-2022-000065

Multiple vulnerabilities in Exment

Overview

Exment, provided by Kajitori Co.,Ltd, contains the multiple vulnerabilities listed below.
* Reflected cross-site scripting (CWE-79) - CVE-2022-38080
* SQL injection (CWE-89) - CVE-2022-37333
* Stored cross-site scripting (CWE-79) - CVE-2022-38089

CVE-2022-38080, CVE-2022-37333
Hibiki Moriyama of STNet, Incorporated reported these vulnerabilities to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

CVE-2022-38089
Yuya Chudo of N.F.Laboratories Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

CVSS Severity

CVSS V3 Severity:
Base Metrics 8.8 (High) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
CVSS V2 Severity:
Base Metrics 6.5 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: Single Instance
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2022-37333


CVSS V3 Severity:
Base Metrics 5.4 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: Required
  • Scope: Changed
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics 2.1 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: High
  • Authentication: Single
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2022-38080


CVSS V3 Severity:
Base Metrics 5.4 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: Required
  • Scope: Changed
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics 3.5 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: Single
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2022-38089

Affected Products

Kajitori Corporation
  • exceedone/exment (PHP8) v5.0.2 and earlier
  • exceedone/exment (PHP7) v4.4.2 and earlier
  • exceedone/laravel-admin (PHP8) v3.0.0 and earlier
  • exceedone/laravel-admin (PHP7) v2.2.2 and earlier

Impact

* An arbitrary script may be executed in the web browser of a user who accesses the website built with the product - CVE-2022-38080, CVE-2022-38089
* Information in the database may be obtained or altered - CVE-2022-37333

Solution

[Update the Software]
Update Exment and laravel-admin to the latest version according to the information provided by the developer.

The developer has released the below versions that contain the fixes for these vulnerabilities.

* For PHP8: exceedone/exment v5.0.3 and exceedone/laravel-admin v3.0.1
* For PHP7: exceedone/exment v4.4.3 and exceedone/laravel-admin v2.2.3

[Apply Workaround]
The developer provides a workaround that mitigates the impact of these vulnerabilities for users who cannot update the affected product to the latest version.
For details of the workaround, refer to the information provided by the developer.

Vendor Information

Kajitori Corporation

CWE

  1. Cross-site Scripting (CWE-79) [IPA Evaluation]
  2. SQL Injection (CWE-89) [IPA Evaluation]

CVE

  1. CVE-2022-38080
  2. CVE-2022-37333
  3. CVE-2022-38089

References

  1. JVN: JVN#46239102
  2. National Vulnerability Database (NVD): CVE-2022-37333
  3. National Vulnerability Database (NVD): CVE-2022-38080
  4. National Vulnerability Database (NVD): CVE-2022-38089

Revision History

  • [2022/08/24] Web page was published
  • [2024/06/14] References: contents were added