Vulnerabilities > Cybozu > Remote Service Manager > 3.1.8

DATE CVE VULNERABILITY TITLE RISK
2021-10-13 CVE-2021-20805 Cross-site Scripting vulnerability in Cybozu Remote Service Manager 3.1.7/3.1.8/3.1.9
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.7 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
network
cybozu CWE-79
3.5
3.5
2021-10-13 CVE-2021-20806 Open Redirect vulnerability in Cybozu Remote Service Manager
Open redirect vulnerability in Cybozu Remote Service 3.0.0 to 3.1.9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
network
cybozu CWE-601
5.8
5.8
2021-10-13 CVE-2021-20807 Cross-site Scripting vulnerability in Cybozu Remote Service Manager
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.0.0 to 3.1.9 allows a remote attacker to inject an arbitrary script via unspecified vectors.
network
cybozu CWE-79
4.3
4.3
2019-01-09 CVE-2018-16172 Improper Restriction of Rendered UI Layers or Frames vulnerability in Cybozu Remote Service Manager
Improper countermeasure against clickjacking attack in client certificates management screen was discovered in Cybozu Remote Service 3.0.0 to 3.1.8, that allows remote attackers to trick a user to delete the registered client certificate.
network
cybozu CWE-1021
5.8
5.8
2019-01-09 CVE-2018-16171 Path Traversal vulnerability in Cybozu Remote Service Manager
Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3.1.8 allows remote attackers to execute Java code file on the server via unspecified vectors. 		6.8
6.8
2019-01-09 CVE-2018-16170 Path Traversal vulnerability in Cybozu Remote Service Manager
Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3.1.8 for Windows allows remote authenticated attackers to read arbitrary files via unspecified vectors.
network
low complexity
cybozu microsoft CWE-22
6.5
6.5