Vulnerabilities > Cybozu

DATE CVE VULNERABILITY TITLE RISK
2022-12-07 CVE-2022-44608 Resource Exhaustion vulnerability in Cybozu Remote Service
Uncontrolled resource consumption vulnerability in Cybozu Remote Service 4.0.0 to 4.0.3 allows a remote authenticated attacker to consume huge storage space, which may result in a denial-of-service (DoS) condition.
network
low complexity
cybozu CWE-400
7.5
2022-07-11 CVE-2022-29512 Missing Authorization vulnerability in Cybozu Garoon
Exposure of sensitive information to an unauthorized actor issue in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data without the viewing privilege.
network
low complexity
cybozu CWE-862
4.0
2022-07-11 CVE-2022-30602 Unspecified vulnerability in Cybozu Garoon
Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to alter the file information and/or delete the files.
network
low complexity
cybozu
5.5
2022-07-11 CVE-2022-30943 Unspecified vulnerability in Cybozu Garoon
Browsing restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data of Bulletin.
network
low complexity
cybozu
4.0
2022-07-11 CVE-2022-31472 Unspecified vulnerability in Cybozu Garoon
Browse restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to obtain the data of Cabinet.
network
low complexity
cybozu
4.0
2022-07-04 CVE-2022-26051 Incorrect Permission Assignment for Critical Resource vulnerability in Cybozu Garoon
Operation restriction bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Portal.
network
low complexity
cybozu CWE-732
4.0
2022-07-04 CVE-2022-26054 Incorrect Permission Assignment for Critical Resource vulnerability in Cybozu Garoon
Operation restriction bypass vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Link.
network
low complexity
cybozu CWE-732
4.0
2022-07-04 CVE-2022-26368 Incorrect Permission Assignment for Critical Resource vulnerability in Cybozu Garoon
Browse restriction bypass and operation restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter and/or obtain the data of Cabinet.
network
low complexity
cybozu CWE-732
5.5
2022-07-04 CVE-2022-27627 Cross-site Scripting vulnerability in Cybozu Garoon
Cross-site scripting vulnerability in Organization's Information of Cybozu Garoon 4.10.2 to 5.5.1 allows a remote attacker to execute an arbitrary script on the logged-in user's web browser.
network
cybozu CWE-79
4.3
2022-07-04 CVE-2022-27661 Incorrect Authorization vulnerability in Cybozu Garoon
Operation restriction bypass vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Workflow.
network
low complexity
cybozu CWE-863
4.0