CVE-2014-1993

Cybozu Garoon <3.7 SP4 - Auth Bypass

Title source: llm

Description

The Portlets subsystem in Cybozu Garoon 2.x and 3.x before 3.7 SP4 allows remote authenticated users to bypass intended access restrictions via unspecified vectors.

References (3)

Core 3

Core References

Vendor Advisory x_refsource_confirm

http://cs.cybozu.co.jp/information/gr20140714up04.php

Vendor Advisory third-party-advisory x_refsource_jvndb

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000077

Vendor Advisory third-party-advisory x_refsource_jvn

http://jvn.jp/en/jp/JVN75990997/index.html

Scores

EPSS 0.0021

EPSS Percentile 42.8%

Details

CWE

CWE-264

Status published

Products (25)

cybozu/garoon 2.0.0

cybozu/garoon 2.1.0

cybozu/garoon 2.1.1

cybozu/garoon 2.1.2

cybozu/garoon 2.1.3

cybozu/garoon 2.5.0

cybozu/garoon 2.5.1

cybozu/garoon 2.5.2

cybozu/garoon 2.5.3

cybozu/garoon 2.5.4

... and 15 more

Published Jul 20, 2014

Tracked Since Feb 18, 2026