CVE-2023-31824

An issue found in DERICIA Co. Ltd, DELICIA v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp DELICIA function.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:dericia:delicia:13.6.1:*:*:*:*:*:*:*

History

30 Oct 2024, 20:35

Type Values Removed Values Added
CWE CWE-522

25 Jul 2023, 18:55

Type Values Removed Values Added
CPE cpe:2.3:a:dericia:delicia:13.6.1:*:*:*:*:*:*:*
CWE NVD-CWE-noinfo
First Time Dericia
Dericia delicia
References (MISC) http://delicia.com - (MISC) http://delicia.com - Product
References (MISC) https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31824.md - (MISC) https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31824.md - Exploit, Third Party Advisory
References (MISC) http://dericia.com - (MISC) http://dericia.com - Product
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5

13 Jul 2023, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-07-13 15:15

Updated : 2024-10-30 20:35


NVD link : CVE-2023-31824

Mitre link : CVE-2023-31824

CVE.ORG link : CVE-2023-31824


JSON object : View

Products Affected

dericia

  • delicia
CWE
NVD-CWE-noinfo CWE-522

Insufficiently Protected Credentials