Cybozu Garoon 5.5.1

CPE Details

Cybozu Garoon 5.5.1
5.5.1
2022-07-11
11h14 +00:00
2022-07-11
14h54 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:cybozu:garoon:5.5.1:*:*:*:*:*:*:*

Informations

Vendor

cybozu

Product

garoon

Version

5.5.1

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-31399 2024-06-11 05h34 +00:00 Excessive platform resource consumption within a loop issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, processing a crafted mail may cause a denial-of-service (DoS) condition.
6.5
Moyen
CVE-2024-31402 2024-06-11 05h21 +00:00 Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker to delete the data of Shared To-Dos.
4.3
Moyen
CVE-2024-31398 2024-06-11 05h20 +00:00 Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product may obtain information on the list of users.
4.3
Moyen
CVE-2023-26595 2023-05-23 00h00 +00:00 Denial-of-service (DoS) vulnerability in Message of Cybozu Garoon 4.10.0 to 5.9.2 allows a remote authenticated attacker to cause a denial of service condition.
6.5
Moyen
CVE-2023-27304 2023-05-22 22h00 +00:00 Operation restriction bypass vulnerability in Message and Bulletin of Cybozu Garoon 4.6.0 to 5.9.2 allows a remote authenticated attacker to alter the data of Message and/or Bulletin.
4.3
Moyen
CVE-2022-31472 2022-07-10 22h40 +00:00 Browse restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to obtain the data of Cabinet.
4.3
Moyen
CVE-2022-30943 2022-07-10 22h40 +00:00 Browsing restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data of Bulletin.
4.3
Moyen
CVE-2022-30602 2022-07-10 22h40 +00:00 Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to alter the file information and/or delete the files.
8.1
Haute
CVE-2022-29512 2022-07-10 22h40 +00:00 Exposure of sensitive information to an unauthorized actor issue in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data without the viewing privilege.
6.5
Moyen
CVE-2022-29892 2022-07-04 04h56 +00:00 Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to repeatedly display errors in certain functions and cause a denial-of-service (DoS).
6.5
Moyen
CVE-2022-29513 2022-07-04 04h56 +00:00 Cross-site scripting vulnerability in Scheduler of Cybozu Garoon 4.10.0 to 5.5.1 allows a remote authenticated attacker with an administrative privilege to execute an arbitrary script.
4.8
Moyen
CVE-2022-29484 2022-07-04 04h56 +00:00 Operation restriction bypass vulnerability in Space of Cybozu Garoon 4.0.0 to 5.9.0 allows a remote authenticated attacker to delete the data of Space.
8.1
Haute
CVE-2022-29471 2022-07-04 04h56 +00:00 Browse restriction bypass vulnerability in Bulletin of Cybozu Garoon allows a remote authenticated attacker to obtain the data of Bulletin.
4.3
Moyen
CVE-2022-29467 2022-07-04 04h56 +00:00 Address information disclosure vulnerability in Cybozu Garoon 4.2.0 to 5.5.1 allows a remote authenticated attacker to obtain some data of Address.
4.3
Moyen
CVE-2022-28718 2022-07-04 04h56 +00:00 Operation restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.5.1 allow a remote authenticated attacker to alter the data of Bulletin.
4.3
Moyen
CVE-2022-28713 2022-07-04 04h56 +00:00 Improper authentication vulnerability in Scheduler of Cybozu Garoon 4.10.0 to 5.5.1 allows a remote attacker to obtain some data of Facility Information without logging in to the product.
5.3
Moyen
CVE-2022-28692 2022-07-04 04h56 +00:00 Improper input validation vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Scheduler.
4.3
Moyen
CVE-2022-27807 2022-07-04 04h56 +00:00 Improper input validation vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to disable to add Categories.
4.3
Moyen
CVE-2022-27803 2022-07-04 04h55 +00:00 Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Space.
4.3
Moyen
CVE-2022-27661 2022-07-04 04h55 +00:00 Operation restriction bypass vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Workflow.
4.3
Moyen
CVE-2022-27627 2022-07-04 04h55 +00:00 Cross-site scripting vulnerability in Organization's Information of Cybozu Garoon 4.10.2 to 5.5.1 allows a remote attacker to execute an arbitrary script on the logged-in user's web browser.
6.1
Moyen
CVE-2022-26368 2022-07-04 04h55 +00:00 Browse restriction bypass and operation restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter and/or obtain the data of Cabinet.
5.4
Moyen
CVE-2022-26054 2022-07-04 04h55 +00:00 Operation restriction bypass vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Link.
4.3
Moyen
CVE-2022-26051 2022-07-04 04h55 +00:00 Operation restriction bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Portal.
4.3
Moyen