Improper authentication vulnerability in Scheduler of Cybozu Garoon 4.10.0 to 5.5.1 allows a remote attacker to obtain some data of Facility Information without logging in to the product.
References
Link | Resource |
---|---|
https://cs.cybozu.co.jp/2022/007429.html | Vendor Advisory |
https://jvn.jp/en/jp/JVN73897863/index.html | Third Party Advisory |
Configurations
History
08 Aug 2023, 14:21
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-287 |
12 Jul 2022, 15:06
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 5.3 |
CPE | cpe:2.3:a:cybozu:garoon:*:*:*:*:*:*:*:* | |
References | (MISC) https://jvn.jp/en/jp/JVN73897863/index.html - Third Party Advisory | |
References | (MISC) https://cs.cybozu.co.jp/2022/007429.html - Vendor Advisory | |
CWE | CWE-668 |
04 Jul 2022, 07:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-07-04 07:15
Updated : 2024-02-04 22:51
NVD link : CVE-2022-28713
Mitre link : CVE-2022-28713
CVE.ORG link : CVE-2022-28713
JSON object : View
Products Affected
cybozu
- garoon
CWE
CWE-287
Improper Authentication