Operation restriction bypass vulnerability in MultiReport of Cybozu Garoon 5.15.0 allows a remote authenticated attacker to alter the data of MultiReport.
Max CVSS
4.3
EPSS Score
0.06%
Published
2023-05-23
Updated
2023-05-30
Operation restriction bypass vulnerability in Message and Bulletin of Cybozu Garoon 4.6.0 to 5.9.2 allows a remote authenticated attacker to alter the data of Message and/or Bulletin.
Max CVSS
4.3
EPSS Score
0.06%
Published
2023-05-23
Updated
2023-05-31
Denial-of-service (DoS) vulnerability in Message of Cybozu Garoon 4.10.0 to 5.9.2 allows a remote authenticated attacker to cause a denial of service condition.
Max CVSS
6.5
EPSS Score
0.07%
Published
2023-05-23
Updated
2023-05-31
Browse restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to obtain the data of Cabinet.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-11
Updated
2022-07-15
Browsing restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data of Bulletin.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-11
Updated
2022-07-15
Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to alter the file information and/or delete the files.
Max CVSS
8.1
EPSS Score
0.16%
Published
2022-07-11
Updated
2022-07-15
Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to repeatedly display errors in certain functions and cause a denial-of-service (DoS).
Max CVSS
6.5
EPSS Score
0.14%
Published
2022-07-04
Updated
2022-07-12
Cross-site scripting vulnerability in Scheduler of Cybozu Garoon 4.10.0 to 5.5.1 allows a remote authenticated attacker with an administrative privilege to execute an arbitrary script.
Max CVSS
4.8
EPSS Score
0.07%
Published
2022-07-04
Updated
2022-07-12
Exposure of sensitive information to an unauthorized actor issue in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data without the viewing privilege.
Max CVSS
6.5
EPSS Score
0.09%
Published
2022-07-11
Updated
2022-07-15
Operation restriction bypass vulnerability in Space of Cybozu Garoon 4.0.0 to 5.9.0 allows a remote authenticated attacker to delete the data of Space.
Max CVSS
8.1
EPSS Score
0.16%
Published
2022-07-04
Updated
2022-07-12
Browse restriction bypass vulnerability in Bulletin of Cybozu Garoon allows a remote authenticated attacker to obtain the data of Bulletin.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-12
Address information disclosure vulnerability in Cybozu Garoon 4.2.0 to 5.5.1 allows a remote authenticated attacker to obtain some data of Address.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-12
Operation restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.5.1 allow a remote authenticated attacker to alter the data of Bulletin.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-12
Improper authentication vulnerability in Scheduler of Cybozu Garoon 4.10.0 to 5.5.1 allows a remote attacker to obtain some data of Facility Information without logging in to the product.
Max CVSS
5.3
EPSS Score
0.14%
Published
2022-07-04
Updated
2022-07-12
Improper input validation vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Scheduler.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-12
Improper input validation vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to disable to add Categories.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-12
Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Space.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-12
Operation restriction bypass vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Workflow.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-12
Cross-site scripting vulnerability in Organization's Information of Cybozu Garoon 4.10.2 to 5.5.1 allows a remote attacker to execute an arbitrary script on the logged-in user's web browser.
Max CVSS
6.1
EPSS Score
0.11%
Published
2022-07-04
Updated
2022-07-11
Browse restriction bypass and operation restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter and/or obtain the data of Cabinet.
Max CVSS
5.5
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-11
Operation restriction bypass vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Link.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-11
Operation restriction bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Portal.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-11
Improper input validation vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the data of Comment and Space without the viewing privilege.
Max CVSS
4.3
EPSS Score
0.08%
Published
2021-08-18
Updated
2021-08-24
Cross-site scripting vulnerability in some functions of E-mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
Max CVSS
5.4
EPSS Score
0.07%
Published
2021-08-18
Updated
2021-08-24
There is a vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.5.0, which may allow a remote authenticated attacker to delete the route information Workflow without the appropriate privilege.
Max CVSS
4.3
EPSS Score
0.08%
Published
2021-08-18
Updated
2022-07-12
175 vulnerabilities found
1 2 3 4 5 6 7
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!