CVE-2022-26838

2023-08-0313:16:16

jpcert

www.cve.org

cybozu

remote service

path traversal

vulnerability

denial-of-service

dos

cve-2022-26838

7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.6%

JSON

Path traversal vulnerability in Importing Mobile Device Data of Cybozu Remote Service 3.1.2 allows a remote authenticated attacker to cause a denial-of-service (DoS) condition.

CNA Affected

[
  {
    "vendor": "Cybozu, Inc.",
    "product": "Cybozu Remote Service",
    "versions": [
      {
        "version": "3.1.2",
        "status": "affected"
      }
    ]
  }
]

References

jvn.jp/en/jp/JVN52694228/

kb.cybozu.support/article/37653/