CVE-2017-2091

MEDIUM

Cybozu Garoon <4.2.3 - Auth Bypass

Title source: llm

Description

Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in Phone Messages function to alter the status of phone messages via unspecified vectors.

References (3)

Scores

CVSS v3 4.3
EPSS 0.0019
EPSS Percentile 41.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Classification

Status published

Affected Products (29)

cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/garoon
... and 14 more

Timeline

Published Apr 28, 2017
Tracked Since Feb 18, 2026