Lucene search
HistoryMay 02, 2014 - 10:55 a.m.
CVE-2014-1989
cybozu garoon
cve-2014-1989
access restrictions
remote authenticated users
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
6.2 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
68.3%
Cybozu Garoon 3.0 through 3.7 SP3 allows remote authenticated users to bypass intended access restrictions and delete schedule information via unspecified API calls.
Affected configurations
Node
cybozugaroonMatch3.0.0
ORcybozugaroonMatch3.0.1
ORcybozugaroonMatch3.0.2
ORcybozugaroonMatch3.0.3
ORcybozugaroonMatch3.1.0
ORcybozugaroonMatch3.1.1
ORcybozugaroonMatch3.1.2
ORcybozugaroonMatch3.1.3
ORcybozugaroonMatch3.5.0
ORcybozugaroonMatch3.5.1
ORcybozugaroonMatch3.5.2
ORcybozugaroonMatch3.5.3
ORcybozugaroonMatch3.5.4
ORcybozugaroonMatch3.5.5
ORcybozugaroonMatch3.7sp1
ORcybozugaroonMatch3.7sp2
ORcybozugaroonMatch3.7sp3
ORcybozugaroonMatch3.7.0
ORcybozugaroonMatch3.7.1
ORcybozugaroonMatch3.7.2
Related
prion
prion
Design/Logic Flaw
2014-05-02 10:55:00
cvelist
cvelist
CVE-2014-1989
2014-05-02 10:00:00
nvd
nvd
CVE-2014-1989
2014-05-02 10:55:07
jvn
jvn
JVN#31230946: Cybozu Garoon API access restriction bypass vulnerability
2014-04-30 00:00:00
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
6.2 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
68.3%
Related for CVE-2014-1989