Lucene search
Japan Vulnerability NotesJVN:60997973HistoryDec 25, 2013 - 12:00 a.m.
JVN#60997973: Cybozu Garoon vulnerable to SQL injection
2013-12-2500:00:00
Japan Vulnerability Notes
jvn.jp
20
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
56.2%
Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains an issue in processing input through API, which may result in SQL injection.
Impact
A user who can log in to the system may alter information stored in the database.
Solution
Apply the Patch
Apply the appropriate patch according to the information provided by the developer.
Products Affected
- Cybozu Garoon version 3.7 Service Pack 2 and earlier
Related
seebug
seebug
Cybozu GaroonζͺζSQL注ε
₯ζΌζ΄
2013-12-30 00:00:00
prion
prion
cve
cve
cvelist
cvelist
nvd
nvd
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
56.2%
Related for JVN:60997973