CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-22380

Electronic Delivery Check System (Ministry of Agriculture, Forestry and Fisheries The Agriculture and Rural Development Project Version) March, Heisei 31 era edition Ver.14.0.001.002 and earlier improperly restricts XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.3%

CVSS Severity

CVSS v3 Score 5.5

References

https://jvn.jp/en/jp/JVN01434915/
https://www.maff.go.jp/j/nousin/seko/nouhin_youryou/densi.html
https://jvn.jp/en/jp/JVN01434915/
https://www.maff.go.jp/j/nousin/seko/nouhin_youryou/densi.html

Products affected by CVE-2024-22380

Maff » Electronic Delivery Check System » Version: N/A

cpe:2.3:a:maff:electronic_delivery_check_system:-
Maff » Electronic Delivery Check System » Version: 14.0.001.002

cpe:2.3:a:maff:electronic_delivery_check_system:14.0.001.002

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-22380

Products

Pricing

Contact Us