
JVN#73897863: Multiple vulnerabilities in Cybozu Garoon

2022-05-16 00:00:00
Japan Vulnerability Notes
jvn.jp

CVSS v2: 5.5 Medium
Attack Vector: NETWORK; Attack Complexity: LOW; Authentication: SINGLE; Confidentiality Impact: NONE; Integrity Impact: PARTIAL; Availability Impact: PARTIAL
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:P

CVSS v3: 8.1 High
Attack Vector: NETWORK; Attack Complexity: LOW; Privileges Required: LOW; User Interaction: NONE; Scope: UNCHANGED; Confidentiality Impact: NONE; Integrity Impact: HIGH; Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

EPSS: 0.002 Low (percentile 52.5%)

Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below.

[CyVDB-1584][CyVDB-2670] Operation restriction bypass vulnerability in Bulletin (CWE-285) - CVE-2022-28718

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Base Score: 4.3
CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0

[CyVDB-1865][CyVDB-2692] Operation restriction bypass vulnerability in Workflow (CWE-285) - CVE-2022-27661

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Base Score: 4.3
CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0

[CyVDB-2660] Improper input validation vulnerability in Space (CWE-20) - CVE-2022-29892

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Base Score: 4.3
CVSS v2 AV:N/AC:L/Au:S/C:N/I:N/A:P Base Score: 4.0

[CyVDB-2667] Cross-site scripting vulnerability in Scheduler (CWE-79) - CVE-2022-29513

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N Base Score: 4.8
CVSS v2 AV:N/AC:M/Au:S/C:N/I:P/A:N Base Score: 3.5

[CyVDB-2685] Browse restriction bypass vulnerability in Bulletin (CWE-284) - CVE-2022-29471

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Base Score: 4.3
CVSS v2 AV:N/AC:L/Au:S/C:P/I:N/A:N Base Score: 4.0

[CyVDB-2689] Operation restriction bypass vulnerability in Portal (CWE-285) - CVE-2022-26051

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Base Score: 4.3
CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0

[CyVDB-2718] Improper input validation vulnerability in Scheduler (CWE-20) - CVE-2022-28692

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Base Score: 4.3
CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0

[CyVDB-2839] Improper input validation vulnerability in Space (CWE-20) - CVE-2022-27803

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Base Score: 4.3
CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0

[CyVDB-2841] Browse restriction bypass and operation restriction bypass vulnerability in Cabinet (CWE-285) - CVE-2022-26368

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Base Score: 5.4
CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0

[CyVDB-2889] Cross-site scripting vulnerability in Organization’s Information (CWE-79) - CVE-2022-27627

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score: 6.1
CVSS v2 AV:N/AC:M/Au:N/C:N/I:P/A:N Base Score: 4.3

[CyVDB-2897] Operation restriction bypass vulnerability in Link (CWE-285) - CVE-2022-26054

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Base Score: 4.3
CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0

[CyVDB-2906] Improper input validation vulnerability in Link (CWE-20) - CVE-2022-27807

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Base Score: 4.3
CVSS v2 AV:N/AC:L/Au:S/C:N/I:N/A:P Base Score: 4.0

[CyVDB-2932] Address information disclosure vulnerability (CWE-200) - CVE-2022-29467

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Base Score: 4.3
CVSS v2 AV:N/AC:L/Au:S/C:P/I:N/A:N Base Score: 4.0

[CyVDB-2940] Improper authentication vulnerability in Scheduler (CWE-287) - CVE-2022-28713

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Base Score: 5.3
CVSS v2 AV:N/AC:L/Au:N/C:P/I:N/A:N Base Score: 5.0

[CyVDB-3001] Operation restriction bypass vulnerability in Space (CWE-285) - CVE-2022-29484

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Base Score: 4.3
CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0

[CyVDB-2911] Browse restriction bypass vulnerability in Cabinet (CWE-284) - CVE-2022-31472

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Base Score: 4.3
CVSS v2 AV:N/AC:L/Au:S/C:P/I:N/A:N Base Score: 4.0

Impact

  • [CyVDB-1584], [CyVDB-2670]:
    A user who can log in to the product may alter the data of Bulletin.
  • [CyVDB-1865], [CyVDB-2692]:
    A user who can log in to the product may alter the data of Workflow.
  • [CyVDB-2660]:
    A user who can log in to the product may repeatedly display errors in certain functions and cause a denial-of-service (DoS).
  • [CyVDB-2667], [CyVDB-2889]:
    An arbitrary script may be executed on a logged-in user’s web browser.
  • [CyVDB-2685]:
    A user who can log in to the product may obtain the data of Bulletin.
  • [CyVDB-2689]:
    A user who can log in to the product may alter the data of Portal.
  • [CyVDB-2718]:
    A user who can log in to the product may alter the data of Scheduler.
  • [CyVDB-2839]:
    A user who can log in to the product may alter the data of Space.
  • [CyVDB-2841]:
    A user who can log in to the product may alter and/or obtain the data of Cabinet.
  • [CyVDB-2897]:
    A user who can log in to the product may alter the data of Link.
  • [CyVDB-2906]:
    A user who can log in to the product may make it impossible to add Categories.
  • [CyVDB-2932]:
    A user who can log in to the product may obtain some data of Address.
  • [CyVDB-2940]:
    A user may obtain some data of Facility Information without logging in to the product.
  • [CyVDB-3001]:
    A user who can log in to the product may delete the data of Space.
  • [CyVDB-2911]:
    A user who can log in to the product may obtain the data of Cabinet.

Solution

Update the Software
Update to the latest version according to the information provided by the developer.

Products Affected

  • Cybozu Garoon 4.0.0 to 5.5.1
    [CyVDB-1584], [CyVDB-1865], [CyVDB-2670], [CyVDB-2660], [CyVDB-2689], [CyVDB-2692], [CyVDB-2718], [CyVDB-2839], [CyVDB-2841], [CyVDB-2897], [CyVDB-2906], [CyVDB-2911]

  • Cybozu Garoon 4.10.0 to 5.5.1
    [CyVDB-2667], [CyVDB-2940]

  • Cybozu Garoon 4.6.0 to 5.9.0
    [CyVDB-2685]

  • Cybozu Garoon 4.10.2 to 5.5.1
    [CyVDB-2889]

  • Cybozu Garoon 4.2.0 to 5.5.1
    [CyVDB-2932]

  • Cybozu Garoon 4.0.0 to 5.9.0
    [CyVDB-3001]
