Lucene search

[email protected]NVD:CVE-2014-0821

HistoryFeb 27, 2014 - 1:55 a.m.

CVE-2014-0821

2014-02-2701:55:03

CWE-89

[email protected]

web.nvd.nist.gov

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

66.3%

JSON

SQL injection vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6930 and CVE-2013-6931.

Affected configurations

NVD

Node

cybozugaroonMatch2.0sp1

cybozugaroonMatch2.0sp2

cybozugaroonMatch2.0sp3

cybozugaroonMatch2.0sp4

cybozugaroonMatch2.0sp5

cybozugaroonMatch2.0sp6

cybozugaroonMatch2.0.0

cybozugaroonMatch2.0.1

cybozugaroonMatch2.0.2

cybozugaroonMatch2.0.3

cybozugaroonMatch2.0.4

cybozugaroonMatch2.0.5

cybozugaroonMatch2.0.6

cybozugaroonMatch2.1

cybozugaroonMatch2.1sp1

cybozugaroonMatch2.1sp2

cybozugaroonMatch2.1sp3

cybozugaroonMatch2.1.0

cybozugaroonMatch2.1.1

cybozugaroonMatch2.1.2

cybozugaroonMatch2.1.3

cybozugaroonMatch2.5

cybozugaroonMatch2.5sp1

cybozugaroonMatch2.5sp2

cybozugaroonMatch2.5sp3

cybozugaroonMatch2.5sp4

cybozugaroonMatch2.5.0

cybozugaroonMatch2.5.1

cybozugaroonMatch2.5.2

cybozugaroonMatch2.5.3

cybozugaroonMatch2.5.4

Node

cybozugaroonMatch3.0

cybozugaroonMatch3.0sp1

cybozugaroonMatch3.0sp2

cybozugaroonMatch3.0sp3

cybozugaroonMatch3.1

cybozugaroonMatch3.1sp1

cybozugaroonMatch3.1sp2

cybozugaroonMatch3.1sp3

cybozugaroonMatch3.5

cybozugaroonMatch3.5sp1

cybozugaroonMatch3.5sp2

cybozugaroonMatch3.5sp3

cybozugaroonMatch3.5sp4

cybozugaroonMatch3.5sp5

cybozugaroonMatch3.5.3

cybozugaroonMatch3.7

cybozugaroonMatch3.7sp1

cybozugaroonMatch3.7sp2

cybozugaroonMatch3.7sp3

References

cs.cybozu.co.jp/information/gr20140225up04.php

jvn.jp/en/jp/JVN71045461/index.html

jvndb.jvn.jp/jvndb/JVNDB-2014-000024

www.securityfocus.com/bid/65809

support.cybozu.com/ja-jp/article/7993

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

66.3%

JSON

Related for NVD:CVE-2014-0821

prion3 cvelist3 cve3 jvn2 nvd2