3 matches found
CVE-2020-5566
Improper authorization vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote authenticated attackers to alter the application's data via the applications 'E-mail' and 'Messages'...
CVE-2020-5566
Cybozu Garoon 4.0.0–4.10.3 contains an improper authorization vulnerability (CWE-285) that allows remote authenticated attackers to alter data via the E-mail and Messages applications. Affected component: Cybozu Garoon core with access to E-mail and Messages; root cause is improper authorization ...
JVN#35649781: Multiple vulnerabilities in Cybozu Garoon
Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. Authentication bypass in the API used to specify the fields CWE-287 - CVE-2020-5563 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N| Base Score: 5.3 CVSS v2|...