[Japanese]

JVNDB-2023-000021

Multiple vulnerabilities in SS1 and Rakuraku PC Cloud

Overview

SS1 is asset management software and Rakuraku PC Cloud is cloud-based asset management service. SS1 and Rakuraku PC Cloud Agent contain multiple vulnerabilities listed below.
  • Improper Access Control (CWE-284) - CVE-2023-22335
  • Path Traversal (CWE-22) - CVE-2023-22336
  • Use of Hard-coded Credentials (CWE-798) - CVE-2023-22344

Denis Faiustov, and Ruslan Sayfiev of GMO Cyber Security by IERAE reported these vulnerabilities to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 7.5 (High) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics 5.0 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: None
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2023-22335


> CVSS V3 Severity:
Base Metrics:5.3 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: None
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity
Base Metrics: 5.0 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2023-22336


CVSS V3 Severity:
Base Metrics:5.3 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: Low
  • Integrity Impact: None
  • Availability Impact: None
CVSS V2 Severity
Base Metrics: 5.0 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: None
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2023-22344
Affected Products


DOS Co., Ltd.
  • SS1 Ver.13.1.0.40 and earlier (Media version 13.1.0c and earlier)
  • Raku-Raku-PC-Cloud Agent Ver.2.1.8 and earlier

Impact

  • A remote attacker may download arbitrary files of the directory where the product runs - CVE-2023-22335
  • A remote attacker may upload a specially crafted file to an arbitrary directory - CVE-2023-22336
  • A remote attacker may obtain the password of the debug tool and execute it - CVE-2023-22344

When these vulnerabilities are combined, it allows a remote attacker to execute an arbitrary code with SYSTEM privileges by sending a specially crafted script to the affected device.
Solution

[Update the software]
Update software to the latest version according to the information provided by the developer.

The developer states that the patch of Rakuraku PC Cloud Agent is applied automatically when the client is launched.
Vendor Information

DOS Co., Ltd.
CWE (What is CWE?)

  1. Path Traversal(CWE-22) [IPA Evaluation]
  2. Permissions(CWE-264) [IPA Evaluation]
  3. No Mapping(CWE-Other) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2023-22335
  2. CVE-2023-22336
  3. CVE-2023-22344
References

  1. JVN : JVN#57224029
  2. National Vulnerability Database (NVD) : CVE-2023-22335
  3. National Vulnerability Database (NVD) : CVE-2023-22336
  4. National Vulnerability Database (NVD) : CVE-2023-22344
Revision History

  • [2023/03/01]
      Web page was published
  • [2023/03/10]
      Affected Products : Product version was modified
  • [2024/06/06]
      References : Contents were added