CVE-2016-7815

MEDIUM

Cybozu Remote Service Manager - Improper Certificate Validation

Title source: rule

Description

Remote Service Manager 3.0.0 to 3.1.4 fails to verify client certificates, which may allow remote attackers to gain access to systems on the network.

References (3)

Scores

CVSS v3 4.2
EPSS 0.0009
EPSS Percentile 25.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

Classification

CWE
CWE-295
Status published

Affected Products (8)

cybozu/remote_service_manager
cybozu/remote_service_manager
cybozu/remote_service_manager
cybozu/remote_service_manager
cybozu/remote_service_manager
cybozu/remote_service_manager
cybozu/remote_service_manager
Cybozu, Inc./Remote Service Manager < 3.0.0 to 3.1.4

Timeline

Published Apr 28, 2017
Tracked Since Feb 18, 2026