JVN#75990997: Cybozu Garoon vulnerable to access restriction bypass

2014-07-15T00:00:00
ID JVN:75990997
Type jvn
Reporter Japan Vulnerability Notes
Modified 2014-07-17T00:00:00

Description

## Description

Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains an issue in the function "Portlets", which may result in an access restriction bypass vulnerability (CWE-264).

## Impact

Portlets may be altered by another Cybozu Garoon user.

## Solution

Update the Software
Update to the latest version according to the information provided by the developer.

## Products Affected

  • Cybozu Garoon 2.0.0 to 3.7 Service Pack 3