Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
3 vulnerabilities by iChain, Inc.
CVE-2019-5923 (GCVE-0-2019-5923)
Vulnerability from cvelistv5 – Published: 2019-03-12 21:00 – Updated: 2024-08-04 20:09
VLAI
Summary
Directory traversal vulnerability in iChain Insurance Wallet App for iOS Version 1.3.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors.
Severity
No CVSS data available.
CWE
- Directory traversal
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://jvn.jp/en/jp/JVN11622218/index.html | third-party-advisoryx_refsource_JVN |
| https://www.ichain.co.jp/security20190311.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| iChain, Inc. | iChain Insurance Wallet App for iOS |
Affected:
Version 1.3.0 and earlier
|
Date Public
2019-03-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:09:23.666Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#11622218",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN11622218/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ichain.co.jp/security20190311.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iChain Insurance Wallet App for iOS",
"vendor": "iChain, Inc.",
"versions": [
{
"status": "affected",
"version": "Version 1.3.0 and earlier"
}
]
}
],
"datePublic": "2019-03-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in iChain Insurance Wallet App for iOS Version 1.3.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Directory traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-12T20:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#11622218",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN11622218/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ichain.co.jp/security20190311.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2019-5923",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iChain Insurance Wallet App for iOS",
"version": {
"version_data": [
{
"version_value": "Version 1.3.0 and earlier"
}
]
}
}
]
},
"vendor_name": "iChain, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in iChain Insurance Wallet App for iOS Version 1.3.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Directory traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#11622218",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN11622218/index.html"
},
{
"name": "https://www.ichain.co.jp/security20190311.html",
"refsource": "MISC",
"url": "https://www.ichain.co.jp/security20190311.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2019-5923",
"datePublished": "2019-03-12T21:00:00.000Z",
"dateReserved": "2019-01-10T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:09:23.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5923 (GCVE-0-2019-5923)
Vulnerability from nvd – Published: 2019-03-12 21:00 – Updated: 2024-08-04 20:09
VLAI
Summary
Directory traversal vulnerability in iChain Insurance Wallet App for iOS Version 1.3.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors.
Severity
No CVSS data available.
CWE
- Directory traversal
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://jvn.jp/en/jp/JVN11622218/index.html | third-party-advisoryx_refsource_JVN |
| https://www.ichain.co.jp/security20190311.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| iChain, Inc. | iChain Insurance Wallet App for iOS |
Affected:
Version 1.3.0 and earlier
|
Date Public
2019-03-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:09:23.666Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#11622218",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN11622218/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ichain.co.jp/security20190311.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iChain Insurance Wallet App for iOS",
"vendor": "iChain, Inc.",
"versions": [
{
"status": "affected",
"version": "Version 1.3.0 and earlier"
}
]
}
],
"datePublic": "2019-03-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in iChain Insurance Wallet App for iOS Version 1.3.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Directory traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-12T20:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#11622218",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN11622218/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ichain.co.jp/security20190311.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2019-5923",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iChain Insurance Wallet App for iOS",
"version": {
"version_data": [
{
"version_value": "Version 1.3.0 and earlier"
}
]
}
}
]
},
"vendor_name": "iChain, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in iChain Insurance Wallet App for iOS Version 1.3.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Directory traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#11622218",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN11622218/index.html"
},
{
"name": "https://www.ichain.co.jp/security20190311.html",
"refsource": "MISC",
"url": "https://www.ichain.co.jp/security20190311.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2019-5923",
"datePublished": "2019-03-12T21:00:00.000Z",
"dateReserved": "2019-01-10T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:09:23.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
JVNDB-2019-000015
Vulnerability from jvndb - Published: 2019-03-12 14:28 - Updated:2019-09-27 10:04
Severity
Summary
iChain Insurance Wallet App for iOS vulnerable to directory traversal
Details
iChain Insurance Wallet App for iOS provided by iChain, Inc. uses the old version of cordova-plugin-ionic-webview, and inherits a directory traversal vulnerability (CWE-22, CVE-2018-16202).
Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2019/JVNDB-2019-000015.html",
"dc:date": "2019-09-27T10:04+09:00",
"dcterms:issued": "2019-03-12T14:28+09:00",
"dcterms:modified": "2019-09-27T10:04+09:00",
"description": "iChain Insurance Wallet App for iOS provided by iChain, Inc. uses the old version of cordova-plugin-ionic-webview, and inherits a directory traversal vulnerability (CWE-22, CVE-2018-16202).\r\n\r\nGaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.\r\n JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2019/JVNDB-2019-000015.html",
"sec:cpe": {
"#text": "cpe:/a:ichain:insurance_wallet",
"@product": "iChain Insurance Wallet",
"@vendor": "iChain, Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"@version": "2.0"
},
{
"@score": "4.7",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2019-000015",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN11622218/index.html",
"@id": "JVN#11622218",
"@source": "JVN"
},
{
"#text": "https://jvn.jp/en/jp/JVN69812763/",
"@id": "JVN#69812763",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5923",
"@id": "CVE-2019-5923",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2019-5923",
"@id": "CVE-2019-5923",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-22",
"@title": "Path Traversal(CWE-22)"
}
],
"title": "iChain Insurance Wallet App for iOS vulnerable to directory traversal"
}