Описание
Cybozu Garoon 3.7 before SP4 allows remote authenticated users to bypass intended access restrictions, and execute arbitrary code or cause a denial of service, via an API call.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cybozu:garoon:3.7:sp1:*:*:*:*:*:*
cpe:2.3:a:cybozu:garoon:3.7:sp2:*:*:*:*:*:*
cpe:2.3:a:cybozu:garoon:3.7:sp3:*:*:*:*:*:*
cpe:2.3:a:cybozu:garoon:3.7.0:*:*:*:*:*:*:*
EPSS
Процентиль: 73%
0.00752
Низкий
7.5 High
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
Cybozu Garoon 3.7 before SP4 allows remote authenticated users to bypass intended access restrictions, and execute arbitrary code or cause a denial of service, via an API call.
EPSS
Процентиль: 73%
0.00752
Низкий
7.5 High
CVSS2
Дефекты
CWE-264