CVE-2017-2094

Опубликовано: 28 апр. 2017

Источник: nvd

CVSS3: 4.3

CVSS2: 4

EPSS Низкий

Описание

Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in Workflow and the "MultiReport" function to alter or delete information via unspecified vectors.

Ссылки

http://jvn.jp/en/jp/JVN73182875/index.html
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/96429
Third Party Advisory
VDB Entry
https://support.cybozu.com/ja-jp/article/9655
Vendor Advisory
http://jvn.jp/en/jp/JVN73182875/index.html
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/96429
Third Party Advisory
VDB Entry
https://support.cybozu.com/ja-jp/article/9655
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cybozu:garoon:3.0.0:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:3.0.2:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:3.0.3:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:3.1.0:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:3.1.1:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:3.1.2:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:3.1.3:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:3.5.0:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:3.5.1:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:3.5.2:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:3.5.3:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:3.5.4:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:3.5.5:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:3.7.0:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:3.7.1:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:3.7.2:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:3.7.3:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:3.7.4:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:3.7.5:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:4.0.0:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:4.0.2:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:4.2.0:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:4.2.1:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:4.2.2:*:*:*:*:*:*:*

cpe:2.3:a:cybozu:garoon:4.2.3:*:*:*:*:*:*:*

EPSS

Процентиль: 36%

0.00153

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-269

Связанные уязвимости

GHSA-xjj2-r3pr-m35h