CVE-2016-1192

MEDIUM

Cybozu Garoon <4.2 - Path Traversal

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in the logging implementation in Cybozu Garoon 3.7 through 4.2 allows remote authenticated users to read a log file via unspecified vectors.

References (3)

Core 3
Core References
Vendor Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN14749391/index.html
Vendor Advisory third-party-advisory x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000095
Patch, Vendor Advisory x_refsource_confirm
https://garoon.cybozu.co.jp/support/update/package/421sp1.html#03

Scores

CVSS v3 4.3
EPSS 0.0030
EPSS Percentile 53.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-200 CWE-22
Status published
Products (11)
cybozu/garoon 3.7.0
cybozu/garoon 3.7.1
cybozu/garoon 3.7.2
cybozu/garoon 3.7.3
cybozu/garoon 3.7.4
cybozu/garoon 3.7.5
cybozu/garoon 4.0.0
cybozu/garoon 4.0.1
cybozu/garoon 4.0.2
cybozu/garoon 4.0.3
... and 1 more
Published Jun 19, 2016
Tracked Since Feb 18, 2026