CVE-2018-0566

MEDIUM

Cybozu Office 10.0.0-10.8.0 - Authenticated Privilege Escalation via Schedule Access Bypass

Title source: llm
STIX 2.1

Description

Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to bypass authentication to obtain the schedules without access privilege via unspecified vectors.

References (2)

Core 2
Core References
Third Party Advisory x_refsource_confirm
https://support.cybozu.com/ja-jp/article/10195
Third Party Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN51737843/index.html

Scores

CVSS v3 4.3
EPSS 0.0018
EPSS Percentile 38.7%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-269
Status published
Products (1)
cybozu/office 10.0.0 - 10.8.0
Published Jun 26, 2018
Tracked Since Feb 18, 2026