Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    2 vulnerabilities by MIND CO.,LTD.

    JVNDB-2012-000097

    Vulnerability from jvndb - Published: 2012-11-02 14:18 - Updated:2012-11-02 14:18
    Severity
    N/A (UNKNOWN) - -
    Summary
    MosP kintai kanri vulnerable to authentication bypass
    Details
    MosP kintai kanri contains an authentication bypass vulnerability. MosP kintai kanri is an open source attendance management software. MosP kintai kanri contains an authentication bypass vulnerability. Masako Ohno reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    References
    Impacted products
    Show details on JVN DB website
    To clipboard 

    {
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000097.html",
  "dc:date": "2012-11-02T14:18+09:00",
  "dcterms:issued": "2012-11-02T14:18+09:00",
  "dcterms:modified": "2012-11-02T14:18+09:00",
  "description": "MosP kintai kanri contains an authentication bypass vulnerability.\r\n\r\nMosP kintai kanri is an open source attendance management software. MosP kintai kanri contains an authentication bypass vulnerability.\r\n\r\nMasako Ohno reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000097.html",
  "sec:cpe": {
    "#text": "cpe:/a:mosp:kintai_kanri",
    "@product": "MosP kintai kanri",
    "@vendor": "MIND CO.,LTD.",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "6.5",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2012-000097",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN52264310/index.html",
      "@id": "JVN#52264310",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4021",
      "@id": "CVE-2012-4021",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4021",
      "@id": "CVE-2012-4021",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-264",
      "@title": "Permissions(CWE-264)"
    }
  ],
  "title": "MosP kintai kanri vulnerable to authentication bypass"
}

    JVNDB-2012-000096

    Vulnerability from jvndb - Published: 2012-11-02 14:16 - Updated:2012-11-02 14:16
    Severity
    N/A (UNKNOWN) - -
    Summary
    MosP kintai kanri fails to restrict access permissions
    Details
    MosP kintai kanri contains an issue where access permissions are not restricted. MosP kintai kanri is an open source attendance management software. MosP kintai kanri contains an issue where access permissions are not restricted. Masako Ohno reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    References
    Impacted products
    Show details on JVN DB website
    To clipboard 

    {
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000096.html",
  "dc:date": "2012-11-02T14:16+09:00",
  "dcterms:issued": "2012-11-02T14:16+09:00",
  "dcterms:modified": "2012-11-02T14:16+09:00",
  "description": "MosP kintai kanri contains an issue where access permissions are not restricted.\r\n\r\nMosP kintai kanri is an open source attendance management software. MosP kintai kanri contains an issue where access permissions are not restricted.\r\n\r\nMasako Ohno reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000096.html",
  "sec:cpe": {
    "#text": "cpe:/a:mosp:kintai_kanri",
    "@product": "MosP kintai kanri",
    "@vendor": "MIND CO.,LTD.",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "4.0",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2012-000096",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN23465354/index.html",
      "@id": "JVN#23465354",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4020",
      "@id": "CVE-2012-4020",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4020",
      "@id": "CVE-2012-4020",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-264",
      "@title": "Permissions(CWE-264)"
    }
  ],
  "title": "MosP kintai kanri fails to restrict access permissions"
}