Published:2022/08/24  Last Updated:2022/08/24

JVN#46239102
Multiple vulnerabilities in Exment

Overview

Exment provided by Kajitori Co.,Ltd contains multiple vulnerabilities.

Products Affected

  •    (PHP8) exceedone/exment v5.0.2 and earlier, exceedone/laravel-admin v3.0.0 and earlier
  •    (PHP7) exceedone/exment v4.4.2 and earlier, exceedone/laravel-admin v2.2.2 and earlier

Description

Exment provided by Kajitori Co.,Ltd contains multiple vulnerabilities listed below.

  • Reflected cross-site scripting (CWE-79) - CVE-2022-38080
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Base Score: 5.4
    CVSS v2 AV:N/AC:H/Au:S/C:N/I:P/A:N Base Score: 2.1
  • SQL injection (CWE-89) - CVE-2022-37333
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Base Score: 8.8
    CVSS v2 AV:N/AC:L/Au:S/C:P/I:P/A:P Base Score: 6.5
  • Stored cross-site scripting (CWE-79) - CVE-2022-38089
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Base Score: 5.4
    CVSS v2 AV:N/AC:M/Au:S/C:N/I:P/A:N Base Score: 3.5

Impact

  • An arbitrary script may be executed on the web browser of the user who is accessing the website using the product - CVE-2022-38080, CVE-2022-38089
  • Information in the database may be obtained or altered - CVE-2022-37333

Solution

Update the Software
Update Exment and laravel-admin to the latest version according to the information provided by the developer.

The developer has released the below versions that contain the fixes for these vulnerabilities.

  • For PHP8: exceedone/exment v5.0.3 and exceedone/laravel-admin v3.0.1
  • For PHP7: exceedone/exment v4.4.3 and exceedone/laravel-admin v2.2.3

Apply Workaround
The developer provides the workaround to mitigate the impacts of these vulnerabilities to the users who cannot update the affected product to the latest version.
For details of the workaround, refer to the information provided by the developer.

Vendor Status

Vendor Link
Kajitori Co.,Ltd Vulnerability response Cross-site scripting and SQL injection
Release notes
Patch / Vulnerability List

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

CVE-2022-38080, CVE-2022-37333
Hibiki Moriyama of STNet, Incorporated reported these vulnerabilities to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

CVE-2022-38089
Yuya Chudo of N.F.Laboratories Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2022-38080
CVE-2022-37333
CVE-2022-38089
JVN iPedia JVNDB-2022-000065