Cybozu Garoon 5.9.2

CPE Details

Cybozu Garoon 5.9.2
cybozu
garoon
5.9.2
2023-05-27
00h14 +00:00
2023-07-11
14h08 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:cybozu:garoon:5.9.2:*:*:*:*:*:*:*

Informations

Vendor

cybozu

Product

garoon

Version

5.9.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-31399 2024-06-11 05h34 +00:00 Excessive platform resource consumption within a loop issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, processing a crafted mail may cause a denial-of-service (DoS) condition.
6.5
Medium
CVE-2024-31402 2024-06-11 05h21 +00:00 Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker to delete the data of Shared To-Dos.
4.3
Medium
CVE-2024-31398 2024-06-11 05h20 +00:00 Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product may obtain information on the list of users.
4.3
Medium
CVE-2023-26595 2023-05-23 00h00 +00:00 Denial-of-service (DoS) vulnerability in Message of Cybozu Garoon 4.10.0 to 5.9.2 allows a remote authenticated attacker to cause a denial of service condition.
6.5
Medium
CVE-2023-27304 2023-05-22 22h00 +00:00 Operation restriction bypass vulnerability in Message and Bulletin of Cybozu Garoon 4.6.0 to 5.9.2 allows a remote authenticated attacker to alter the data of Message and/or Bulletin.
4.3
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.