Cybozu Garoon Portlets Subsystem Security Bypass Vulnerability
BID:68917
Info
Cybozu Garoon Portlets Subsystem Security Bypass Vulnerability
| Bugtraq ID: | 68917 |
| Class: | Access Validation Error |
| CVE: |
CVE-2014-1993 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 15 2014 12:00AM |
| Updated: | Jul 15 2014 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Cybozu Garoon 3.7.2 Cybozu Garoon 3.7.1 Cybozu Garoon 3.0 Cybozu Garoon 2.1.3 Cybozu Garoon 2.1.1 Cybozu Garoon 2.1 Cybozu Garoon 2.0.5 Cybozu Garoon 2.0.4 Cybozu Garoon 2.0.3 Cybozu Garoon 2.0.2 Cybozu Garoon 2.0.1 Cybozu Garoon 3.7.3 Cybozu Garoon 3.7.0 Cybozu Garoon 3.7 Sp3 Cybozu Garoon 3.7 SP2 Cybozu Garoon 3.7 Sp1 Cybozu Garoon 3.7 Cybozu Garoon 3.5.5 Cybozu Garoon 3.5.4 Cybozu Garoon 3.5.3 Cybozu Garoon 3.5.2 Cybozu Garoon 3.5.1 Cybozu Garoon 3.5.0 Cybozu Garoon 3.5 Cybozu Garoon 3.1.3 Cybozu Garoon 3.1.2 Cybozu Garoon 3.1.1 Cybozu Garoon 3.1.0 Cybozu Garoon 3.1 Cybozu Garoon 3.0.3 Cybozu Garoon 3.0.2 Cybozu Garoon 3.0.1 Cybozu Garoon 2.5.4 Cybozu Garoon 2.5.3 Cybozu Garoon 2.5.2 Cybozu Garoon 2.5.1 Cybozu Garoon 2.5.0 Cybozu Garoon 2.1.2 Cybozu Garoon 2.0.6 Cybozu Garoon 2.0.0 |
| Not Vulnerable: |
Cybozu Garoon 3.7 SP4 |
Discussion
Cybozu Garoon Portlets Subsystem Security Bypass Vulnerability
Cybozu Garoon is prone to a security-bypass vulnerability.
Attackers can exploit this issue to bypass security restrictions and perform unauthorized actions; this may aid in launching further attacks.
Cybozu Garoon versions 2.0.0 through 3.7 SP3 are vulnerable.
Cybozu Garoon is prone to a security-bypass vulnerability.
Attackers can exploit this issue to bypass security restrictions and perform unauthorized actions; this may aid in launching further attacks.
Cybozu Garoon versions 2.0.0 through 3.7 SP3 are vulnerable.
Exploit / POC
Cybozu Garoon Portlets Subsystem Security Bypass Vulnerability
Attackers can exploit this issue through a browser.
Attackers can exploit this issue through a browser.