Remote Service Manager@3.1.8 Security Vulnerabilities and Issues — Remote Service Manager@3.1.8 CVE List

Lucene search

CybozuRemote Service Manager3.1.8

10 matches found

CVE•added 2021/10/13 9:15 a.m.•44 views

CVE-2021-20797

Cross-site script inclusion vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to obtain the information stored in the product. This issue occurs only when using Mozilla Firefox.

5.4CVSS5.8AI score0.00209EPSS

CVE•added 2021/10/13 9:15 a.m.•41 views

CVE-2021-20796

Directory traversal vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to upload an arbitrary file via unspecified vectors.

6.5CVSS6.5AI score0.00434EPSS

CVE•added 2021/10/13 9:15 a.m.•41 views

CVE-2021-20798

Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.

5.4CVSS5.4AI score0.00209EPSS

CVE•added 2021/10/13 9:15 a.m.•40 views

CVE-2021-20802

HTTP header injection vulnerability in Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to alter the information stored in the product.

5.3CVSS5.7AI score0.00351EPSS

CVE•added 2021/10/13 9:15 a.m.•38 views

CVE-2021-20803

Operation restriction bypass in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to alter the data of the management screen.

5.4CVSS5.6AI score0.00152EPSS

CVE•added 2021/10/13 9:15 a.m.•37 views

CVE-2021-20801

Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to conduct XML External Entity (XXE) attacks and obtain the information stored in the product via unspecified vectors. This issue occurs only when using Mozilla Firefox.

6.5CVSS6.3AI score0.00488EPSS

CVE•added 2021/10/13 9:15 a.m.•36 views

CVE-2021-20800

Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.

5.4CVSS5.4AI score0.00209EPSS

CVE•added 2021/10/13 9:15 a.m.•35 views

CVE-2021-20795

Cross-site request forgery (CSRF) vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to hijack the authentication of administrators and unintended operations may be performed via unspecified vectors.

8.8CVSS8.9AI score0.00094EPSS

CVE•added 2021/10/13 9:15 a.m.•35 views

CVE-2021-20799

Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.

5.4CVSS5.4AI score0.00209EPSS

CVE•added 2021/10/13 9:15 a.m.•35 views

CVE-2021-20804

Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to cause a denial of service (DoS) condition via unspecified vectors.

6.5CVSS6.3AI score0.00485EPSS