CVE-2016-4843

Опубликовано: 20 апр. 2017

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

Cybozu Mailwise before 5.4.0 allows remote attackers to obtain sensitive cookie information.

Ссылки

http://jvn.jp/en/jp/JVN03052683/index.html
Third Party Advisory
VDB Entry
http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000137.html
VDB Entry
http://www.securityfocus.com/bid/92461
Third Party Advisory
VDB Entry
https://support.cybozu.com/ja-jp/article/9654
Vendor Advisory
http://jvn.jp/en/jp/JVN03052683/index.html
Third Party Advisory
VDB Entry
http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000137.html
VDB Entry
http://www.securityfocus.com/bid/92461
Third Party Advisory
VDB Entry
https://support.cybozu.com/ja-jp/article/9654
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cybozu:mailwise:5.0.0:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:mailwise:5.0.1:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:mailwise:5.0.4:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:mailwise:5.0.5:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:mailwise:5.0.6:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:mailwise:5.1.0:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:mailwise:5.1.1:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:mailwise:5.1.2:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:mailwise:5.1.4:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:mailwise:5.2.0:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:mailwise:5.2.1:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:mailwise:5.3.0:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:mailwise:5.3.1:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:mailwise:5.3.2:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.00932

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-7g37-8w78-v3jx