Vulnerabilities > CVE-2024-31398 - Unspecified vulnerability in Cybozu Garoon

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

cybozu

NVD

Published: 2024-06-11

Updated: 2024-08-23

Summary

Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product may obtain information on the list of users.

Vulnerable Configurations

Part	Description	Count
Application	Cybozu Cybozu Garoon 5.0.0 Cybozu Garoon 5.0.1 Cybozu Garoon 5.0.2 Cybozu Garoon 5.5.0 Cybozu Garoon 5.5.1 Cybozu Garoon 5.9.0 Cybozu Garoon 5.9.1 Cybozu Garoon 5.9.2 Cybozu Garoon 5.15.0 Cybozu Garoon 5.15.1	10

References

https://cs.cybozu.co.jp/2024/007901.html
https://jvn.jp/en/jp/JVN28869536/