Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
6 vulnerabilities found for HIBUN Confidential File Decryption program by Hitachi Solutions, Ltd.
CVE-2017-10865 (GCVE-0-2017-10865)
Vulnerability from nvd – Published: 2017-10-12 14:00 – Updated: 2024-08-05 17:50
VLAI
Summary
Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10863.
Severity
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.hitachi-solutions.co.jp/hibun/sp/suppo… | x_refsource_CONFIRM |
| https://jvn.jp/en/jp/JVN55516206/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hitachi Solutions, Ltd. | HIBUN Confidential File Decryption program |
Affected:
prior to 10.50.0.5
|
Date Public
2017-09-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:12.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-solutions.co.jp/hibun/sp/support/importance/20170929.html"
},
{
"name": "JVN#55516206",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN55516206/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HIBUN Confidential File Decryption program",
"vendor": "Hitachi Solutions, Ltd.",
"versions": [
{
"status": "affected",
"version": "prior to 10.50.0.5"
}
]
}
],
"datePublic": "2017-09-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10863."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-12T13:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-solutions.co.jp/hibun/sp/support/importance/20170929.html"
},
{
"name": "JVN#55516206",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN55516206/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10865",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HIBUN Confidential File Decryption program",
"version": {
"version_data": [
{
"version_value": "prior to 10.50.0.5"
}
]
}
}
]
},
"vendor_name": "Hitachi Solutions, Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10863."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.hitachi-solutions.co.jp/hibun/sp/support/importance/20170929.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-solutions.co.jp/hibun/sp/support/importance/20170929.html"
},
{
"name": "JVN#55516206",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN55516206/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10865",
"datePublished": "2017-10-12T14:00:00.000Z",
"dateReserved": "2017-07-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T17:50:12.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10863 (GCVE-0-2017-10863)
Vulnerability from nvd – Published: 2017-10-12 14:00 – Updated: 2024-08-05 17:50
VLAI
Summary
Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10865.
Severity
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.hitachi-solutions.co.jp/hibun/sp/suppo… | x_refsource_CONFIRM |
| https://jvn.jp/en/jp/JVN58909026/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hitachi Solutions, Ltd. | HIBUN Confidential File Decryption program |
Affected:
prior to 10.50.0.5
|
Date Public
2017-09-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:12.541Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-solutions.co.jp/hibun/sp/support/importance/20170929.html"
},
{
"name": "JVN#58909026",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN58909026/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HIBUN Confidential File Decryption program",
"vendor": "Hitachi Solutions, Ltd.",
"versions": [
{
"status": "affected",
"version": "prior to 10.50.0.5"
}
]
}
],
"datePublic": "2017-09-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10865."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-12T13:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-solutions.co.jp/hibun/sp/support/importance/20170929.html"
},
{
"name": "JVN#58909026",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN58909026/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10863",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HIBUN Confidential File Decryption program",
"version": {
"version_data": [
{
"version_value": "prior to 10.50.0.5"
}
]
}
}
]
},
"vendor_name": "Hitachi Solutions, Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10865."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.hitachi-solutions.co.jp/hibun/sp/support/importance/20170929.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-solutions.co.jp/hibun/sp/support/importance/20170929.html"
},
{
"name": "JVN#58909026",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN58909026/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10863",
"datePublished": "2017-10-12T14:00:00.000Z",
"dateReserved": "2017-07-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T17:50:12.541Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10865 (GCVE-0-2017-10865)
Vulnerability from cvelistv5 – Published: 2017-10-12 14:00 – Updated: 2024-08-05 17:50
VLAI
Summary
Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10863.
Severity
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.hitachi-solutions.co.jp/hibun/sp/suppo… | x_refsource_CONFIRM |
| https://jvn.jp/en/jp/JVN55516206/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hitachi Solutions, Ltd. | HIBUN Confidential File Decryption program |
Affected:
prior to 10.50.0.5
|
Date Public
2017-09-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:12.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-solutions.co.jp/hibun/sp/support/importance/20170929.html"
},
{
"name": "JVN#55516206",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN55516206/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HIBUN Confidential File Decryption program",
"vendor": "Hitachi Solutions, Ltd.",
"versions": [
{
"status": "affected",
"version": "prior to 10.50.0.5"
}
]
}
],
"datePublic": "2017-09-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10863."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-12T13:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-solutions.co.jp/hibun/sp/support/importance/20170929.html"
},
{
"name": "JVN#55516206",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN55516206/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10865",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HIBUN Confidential File Decryption program",
"version": {
"version_data": [
{
"version_value": "prior to 10.50.0.5"
}
]
}
}
]
},
"vendor_name": "Hitachi Solutions, Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10863."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.hitachi-solutions.co.jp/hibun/sp/support/importance/20170929.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-solutions.co.jp/hibun/sp/support/importance/20170929.html"
},
{
"name": "JVN#55516206",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN55516206/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10865",
"datePublished": "2017-10-12T14:00:00.000Z",
"dateReserved": "2017-07-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T17:50:12.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10863 (GCVE-0-2017-10863)
Vulnerability from cvelistv5 – Published: 2017-10-12 14:00 – Updated: 2024-08-05 17:50
VLAI
Summary
Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10865.
Severity
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.hitachi-solutions.co.jp/hibun/sp/suppo… | x_refsource_CONFIRM |
| https://jvn.jp/en/jp/JVN58909026/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hitachi Solutions, Ltd. | HIBUN Confidential File Decryption program |
Affected:
prior to 10.50.0.5
|
Date Public
2017-09-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:12.541Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-solutions.co.jp/hibun/sp/support/importance/20170929.html"
},
{
"name": "JVN#58909026",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN58909026/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HIBUN Confidential File Decryption program",
"vendor": "Hitachi Solutions, Ltd.",
"versions": [
{
"status": "affected",
"version": "prior to 10.50.0.5"
}
]
}
],
"datePublic": "2017-09-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10865."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-12T13:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-solutions.co.jp/hibun/sp/support/importance/20170929.html"
},
{
"name": "JVN#58909026",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN58909026/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10863",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HIBUN Confidential File Decryption program",
"version": {
"version_data": [
{
"version_value": "prior to 10.50.0.5"
}
]
}
}
]
},
"vendor_name": "Hitachi Solutions, Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10865."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.hitachi-solutions.co.jp/hibun/sp/support/importance/20170929.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-solutions.co.jp/hibun/sp/support/importance/20170929.html"
},
{
"name": "JVN#58909026",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN58909026/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10863",
"datePublished": "2017-10-12T14:00:00.000Z",
"dateReserved": "2017-07-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T17:50:12.541Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
JVNDB-2017-000227
Vulnerability from jvndb - Published: 2017-10-11 16:43 - Updated:2018-03-07 12:06
Severity
Summary
HIBUN Confidential File Decryption program may insecurely load Dynamic Link Libraries
Details
HIBUN Confidential File Decryption program provided by Hitachi Solutions, Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).
Note that this vulnerability is different from JVN#55516206.
Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | |
|---|---|---|
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000227.html",
"dc:date": "2018-03-07T12:06+09:00",
"dcterms:issued": "2017-10-11T16:43+09:00",
"dcterms:modified": "2018-03-07T12:06+09:00",
"description": "HIBUN Confidential File Decryption program provided by Hitachi Solutions, Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).\r\n\r\nNote that this vulnerability is different from JVN#55516206.\r\n\r\nYuji Tounai of NTT Communications Corporation reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000227.html",
"sec:cpe": {
"#text": "cpe:/a:hitachi-solutions:confidential_file_decryption",
"@product": "HIBUN Confidential File Decryption program",
"@vendor": "Hitachi Solutions, Ltd.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
{
"@score": "7.8",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2017-000227",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN58909026/index.html",
"@id": "JVN#58909026",
"@source": "JVN"
},
{
"#text": "http://jvn.jp/en/ta/JVNTA91240916/index.html",
"@id": "JVNTA#91240916",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10863",
"@id": "CVE-2017-10863",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2017-10863",
"@id": "CVE-2017-10863",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "HIBUN Confidential File Decryption program may insecurely load Dynamic Link Libraries"
}
JVNDB-2017-000226
Vulnerability from jvndb - Published: 2017-10-11 16:43 - Updated:2018-03-07 12:12
Severity
Summary
HIBUN Confidential File Decryption program may insecurely load Dynamic Link Libraries
Details
HIBUN Confidential File Decryption program provided by Hitachi Solutions, Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).
Note that this vulnerability is different from JVN#58909026.
Eili Masami of Tachibana Lab. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | |
|---|---|---|
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000226.html",
"dc:date": "2018-03-07T12:12+09:00",
"dcterms:issued": "2017-10-11T16:43+09:00",
"dcterms:modified": "2018-03-07T12:12+09:00",
"description": "HIBUN Confidential File Decryption program provided by Hitachi Solutions, Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).\r\n\r\nNote that this vulnerability is different from JVN#58909026.\r\n\r\nEili Masami of Tachibana Lab. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000226.html",
"sec:cpe": {
"#text": "cpe:/a:hitachi-solutions:confidential_file_decryption",
"@product": "HIBUN Confidential File Decryption program",
"@vendor": "Hitachi Solutions, Ltd.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
{
"@score": "7.8",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2017-000226",
"sec:references": [
{
"#text": "http://jvn.jp/en/ta/JVNTA91240916/index.html",
"@id": "JVNTA#91240916",
"@source": "JVN"
},
{
"#text": "http://jvn.jp/en/jp/JVN55516206/index.html",
"@id": "JVN#55516206",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10865",
"@id": "CVE-2017-10865",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2017-10865",
"@id": "CVE-2017-10865",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "HIBUN Confidential File Decryption program may insecurely load Dynamic Link Libraries"
}