Medium severity5.5NVD Advisory· Published Jan 24, 2024· Updated Jun 17, 2026
CVE-2024-21796
CVE-2024-21796
Description
Electronic Deliverables Creation Support Tool (Construction Edition) prior to Ver1.0.4 and Electronic Deliverables Creation Support Tool (Design & Survey Edition) prior to Ver1.0.4 improperly restrict XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: prior to Ver1.0.4
Patches
Vulnerability mechanics
References
2- jvn.jp/en/jp/JVN40049211/nvdThird Party Advisory
- www.dfeg.mod.go.jp/hp/contents-dfis/tool.htmlnvdProduct
News mentions
0No linked articles in our index yet.