Vulnerability Details CVE-2022-36344
An unquoted search path vulnerability exists in 'JustSystems JUST Online Update for J-License' bundled with multiple products for corporate users as in Ichitaro through Pro5 and others. Since the affected product starts another program with an unquoted file path, a malicious file may be executed with the privilege of the Windows service if it is placed in a certain path. Affected products are bundled with the following product series: Office and Office Integrated Software, ATOK, Hanako, JUST PDF, Shuriken, Homepage Builder, JUST School, JUST Smile Class, JUST Smile, JUST Frontier, JUST Jump, and Tri-De DetaProtect.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.3%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2022-36344
-
cpe:2.3:a:justsystems:atok_medical_2:-
-
cpe:2.3:a:justsystems:atok_medical_3:-
-
cpe:2.3:a:justsystems:atok_pro_3:-
-
cpe:2.3:a:justsystems:atok_pro_4:-
-
cpe:2.3:a:justsystems:atok_pro_5:-
-
cpe:2.3:a:justsystems:hanako_police_5:*
-
cpe:2.3:a:justsystems:hanako_police_6:*
-
cpe:2.3:a:justsystems:hanako_police_7:*
-
cpe:2.3:a:justsystems:hanako_pro_3:*
-
cpe:2.3:a:justsystems:hanako_pro_4:*
-
cpe:2.3:a:justsystems:hanako_pro_5:*
-
cpe:2.3:a:justsystems:homepage_builder_20:*
-
cpe:2.3:a:justsystems:homepage_builder_21:*
-
cpe:2.3:a:justsystems:homepage_builder_22:*
-
cpe:2.3:a:justsystems:ichitaro_government_10:-
-
cpe:2.3:a:justsystems:ichitaro_government_8:-
-
cpe:2.3:a:justsystems:ichitaro_government_9:-
-
cpe:2.3:a:justsystems:ichitaro_pro_3:-
-
cpe:2.3:a:justsystems:ichitaro_pro_4:-
-
cpe:2.3:a:justsystems:ichitaro_pro_5:-
-
cpe:2.3:a:justsystems:just_calc_3:*
-
cpe:2.3:a:justsystems:just_calc_4:*
-
cpe:2.3:a:justsystems:just_calc_5:*
-
cpe:2.3:a:justsystems:just_focus_3:*
-
cpe:2.3:a:justsystems:just_focus_4:*
-
cpe:2.3:a:justsystems:just_frontier_3:*
-
cpe:2.3:a:justsystems:just_government_2:*
-
cpe:2.3:a:justsystems:just_government_3:-
-
cpe:2.3:a:justsystems:just_government_4:-
-
cpe:2.3:a:justsystems:just_government_5:-
-
cpe:2.3:a:justsystems:just_jump_8:*
-
cpe:2.3:a:justsystems:just_jump_class:2
-
cpe:2.3:a:justsystems:just_jump_class_2:*
-
cpe:2.3:a:justsystems:just_medical_2:*
-
cpe:2.3:a:justsystems:just_medical_3:*
-
cpe:2.3:a:justsystems:just_medical_4:*
-
cpe:2.3:a:justsystems:just_medical_5:*
-
cpe:2.3:a:justsystems:just_note_3:*
-
cpe:2.3:a:justsystems:just_note_4:*
-
cpe:2.3:a:justsystems:just_note_5:*
-
cpe:2.3:a:justsystems:just_office_2:*
-
cpe:2.3:a:justsystems:just_office_3:-
-
cpe:2.3:a:justsystems:just_office_4:-
-
cpe:2.3:a:justsystems:just_office_5:-
-
cpe:2.3:a:justsystems:just_pdf_3:*
-
cpe:2.3:a:justsystems:just_pdf_4:*
-
cpe:2.3:a:justsystems:just_pdf_5:*
-
cpe:2.3:a:justsystems:just_police_2:*
-
cpe:2.3:a:justsystems:just_police_3:-
-
cpe:2.3:a:justsystems:just_police_4:-
-
cpe:2.3:a:justsystems:just_police_5:-
-
cpe:2.3:a:justsystems:just_school_6:*
-
cpe:2.3:a:justsystems:just_school_7:*
-
cpe:2.3:a:justsystems:just_smile_6:*
-
cpe:2.3:a:justsystems:just_smile_7:*
-
cpe:2.3:a:justsystems:just_smile_8:*
-
cpe:2.3:a:justsystems:just_smile_class_2:*
-
cpe:2.3:a:justsystems:shuriken_pro_6:*
-
cpe:2.3:a:justsystems:shuriken_pro_7:*
-
cpe:2.3:a:justsystems:tri-de_dataprotect:*