2 matches found
CVE-2014-1996
Cybozu Garoon 3.7 before SP4 allows remote authenticated users to bypass intended access restrictions, and execute arbitrary code or cause a denial of service, via an API call...
CVE-2014-1996
CVE-2014-1996 affects Cybozu Garoon 3.7 up to Service Pack 3. A vulnerability in Garoon’s API access control (CWE-264) allows remote authenticated users to bypass restrictions and either execute arbitrary code or cause a DoS. The issue is tied to the API layer and is exploitable through API calls...