Published:
2019/02/27
Last Updated:
2019/02/27
Information from TIS Inc.
Vulnerability ID:JVN#56542712
Title:Multiple vulnerabilities in Nablarch
Status:Vulnerable
This is a statement from the vendor itself with no modification by JPCERT/CC.
・CVE-2019-5918:The vulnerability in the function of generic formatter by XXE attacks(CWE-611)
https://nablarch.atlassian.net/projects/NAB/issues/NAB-295
・CVE-2019-5919:An incomplete cryptography of the data store function by using hidden tag(CWE-310)
https://nablarch.atlassian.net/browse/NAB-313
