Published:2024/05/15 Last Updated:2024/05/15
JVNVU#95350607
Multiple vulnerabilities in Field Logic DataCube
Overview
DataCube provided by Field Logic Inc. contains multiple vulnerabilities.
Products Affected
- DataCube3 all versions
- DataCube4 versions prior to 1.0.1.50
Description
DataCube provided by Field Logic Inc. contains multiple vulnerabilities listed below.
- Direct Request ('Forced Browsing') (CWE-425)
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Base Score 7.5
- CVE-2024-25830
- Reflected cross-site scripting (CWE-79)
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score 6.1
- CVE-2024-25831
- Unrestricted upload of file with dangerous type (CWE-434)
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Base Score 8.8
- CVE-2024-25832
- SQL injection (CWE-89)
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Base Score 5.3
- CVE-2024-25833
Impact
- An unauthenticated attacker may obtain the root and admin password (CVE-2024-25830)
- When the authenticated user accesses a malicious web page, an arbitrary script may be executed on the user's web browser (CVE-2024-25831)
- An authenticated malicious actor may upload a file of dangerous type, resulting in code execution (CVE-2024-25832)
- An unauthenticated attacker may execute an arbitrary SQL query (CVE-2024-25833)
Solution
Contact vendor
Contact the vendor to get information on the affected products and mitigation.
Vendor Status
| Vendor | Link |
| Field Logic Inc. | Alert on vulnerabilities in DataCube3 and DataCube4 (Text in Japanese) |
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
CVE-2024-25830, CVE-2024-25831, CVE-2024-25832, CVE-2024-25833
Thomas J. Knudsen and Samy Younsi of NeroTeam Security Labs reported these vulnerabilities to JPCERT/CC.
JPCERT/CC coordinated with the developer.
CVE-2024-25832
CV3TR4CK reported this vulnerability to JPCERT/CC during the coordination based on the above report.