CVE-2017-2116

Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to delete "customapp" templates via unspecified vectors...

CVE-2017-2116

Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to delete "customapp" templates via unspecified vectors...

CVE-2017-2116

Cybozu Office 10.0.0–10.5.0 contains an access restriction bypass in the templates delete function for the ustomappeature, enabling remote authenticated attackers to delete ustomappmplates via unspecified vectors. The CVE is CVE-2017-2116. The vulnerability is documented across multiple sourc...

CVE-2017-2116

Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to delete "customapp" templates via unspecified vectors...

Cybozu Office fails to restrict access permission in the templates delete function in "customapp"

Overview Cybozu Office contains an access restriction flaw in the templates delete function in "customapp". Cybozu, Inc. reported this vulnerabilities to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the Information Security Early Warning...