Unknown · Electronic Delivery Item Inspection Support System · CVE-2024-21765
**Name of the Vulnerable Software and Affected Versions**
Electronic Delivery Check System (Doboku) versions 18.1.0 and earlier
Electronic Delivery Check System (Dentsu) versions 12.1.0 and earlier
Electronic Delivery Check System (Kikai) versions 10.1.0 and earlier
Electronic delivery item Inspection Support System versions 4.0.31 and earlier
**Description**
The affected systems improperly restrict XML external entity references (XXE). By processing a specially crafted XML file, an attacker may be able to read arbitrary files on the system.
**Recommendations**
For Electronic Delivery Check System (Doboku) versions 18.1.0 and earlier, consider disabling XML external entity references until a patch is available.
For Electronic Delivery Check System (Dentsu) versions 12.1.0 and earlier, consider disabling XML external entity references until a patch is available.
For Electronic Delivery Check System (Kikai) versions 10.1.0 and earlier, consider disabling XML external entity references until a patch is available.
For Electronic delivery item Inspection Support System versions 4.0.31 and earlier, consider disabling XML external entity references until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this issue.