CVE-2016-7815

MEDIUM

Cybozu Remote Service Manager 3.0.0-3.1.4 - Improper Certificate Validation

Title source: llm
STIX 2.1

Description

Remote Service Manager 3.0.0 to 3.1.4 fails to verify client certificates, which may allow remote attackers to gain access to systems on the network.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/95379
Third Party Advisory, VDB Entry third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN19241292/index.html
Vendor Advisory x_refsource_misc
https://support.cybozu.com/ja-jp/article/9689

Scores

CVSS v3 4.2
EPSS 0.0009
EPSS Percentile 24.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

Details

CWE
CWE-295
Status published
Products (8)
cybozu/remote_service_manager 3.0.0
cybozu/remote_service_manager 3.0.1
cybozu/remote_service_manager 3.1.0
cybozu/remote_service_manager 3.1.1
cybozu/remote_service_manager 3.1.2
cybozu/remote_service_manager 3.1.3
cybozu/remote_service_manager 3.1.4
Cybozu, Inc./Remote Service Manager 3.0.0 to 3.1.4
Published Apr 28, 2017
Tracked Since Feb 18, 2026