Lucene search

JpcertCVE-2024-31400

HistoryJun 11, 2024 - 5:15 a.m.

CVE-2024-31400

2024-06-1105:15:53

jpcert

web.nvd.nist.gov

cybozu garoon

sensitive information

data insertion

vulnerability

forwarded mail

AI Score

6.4

Confidence

Low

EPSS

Percentile

9.0%

JSON

Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.0. If this vulnerability is exploited, unintended data may be left in forwarded mail.

Affected configurations

Vulners

Node

cybozugaroonRange5.0.0–5.15.0

VendorProductVersionCPE
cybozugaroon*cpe:2.3:a:cybozu:garoon:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cybozu	garoon	*	cpe:2.3:a:cybozu:garoon::::::::

CNA Affected

[
  {
    "vendor": "Cybozu, Inc.",
    "product": "Cybozu Garoon",
    "versions": [
      {
        "version": "5.0.0 to 5.15.0",
        "status": "affected"
      }
    ]
  }
]

References

cs.cybozu.co.jp/2024/007901.html

jvn.jp/en/jp/JVN28869536/