CVE-2018-0532

LOW

Cybozu Garoon 3.0.0-4.2.6 - Authenticated Access Restriction Bypass in Standard Database Settings

Title source: llm
STIX 2.1

Description

Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to alter setting data of the Standard database via unspecified vectors.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
https://support.cybozu.com/ja-jp/article/9378
Third Party Advisory, VDB Entry third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN65268217/index.html

Scores

CVSS v3 2.7
EPSS 0.0018
EPSS Percentile 39.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

Details

CWE
CWE-79
Status published
Products (1)
cybozu/garoon 3.0.0 - 4.2.6
Published Apr 16, 2018
Tracked Since Feb 18, 2026