CVE-2014-0817

EPSS 0.22%
Veröffentlicht 27.02.2014 01:55:03
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle vultures@jpcert.or.jp
CVE-Watchlists
Login
Unerledigt
Login

Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 does not properly manage sessions, which allows remote authenticated users to impersonate arbitrary users via unspecified vectors.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cybozu ≫ Garoon Version2.0 Updatesp1

Cybozu ≫ Garoon Version2.0 Updatesp2

Cybozu ≫ Garoon Version2.0 Updatesp3

Cybozu ≫ Garoon Version2.0 Updatesp4

Cybozu ≫ Garoon Version2.0 Updatesp5

Cybozu ≫ Garoon Version2.0 Updatesp6

Cybozu ≫ Garoon Version2.0.0

Cybozu ≫ Garoon Version2.0.1

Cybozu ≫ Garoon Version2.0.2

Cybozu ≫ Garoon Version2.0.3

Cybozu ≫ Garoon Version2.0.4

Cybozu ≫ Garoon Version2.0.5

Cybozu ≫ Garoon Version2.0.6

Cybozu ≫ Garoon Version2.1

Cybozu ≫ Garoon Version2.1 Updatesp1

Cybozu ≫ Garoon Version2.1 Updatesp2

Cybozu ≫ Garoon Version2.1 Updatesp3

Cybozu ≫ Garoon Version2.1.0

Cybozu ≫ Garoon Version2.1.1

Cybozu ≫ Garoon Version2.1.2

Cybozu ≫ Garoon Version2.1.3

Cybozu ≫ Garoon Version2.5

Cybozu ≫ Garoon Version2.5 Updatesp1

Cybozu ≫ Garoon Version2.5 Updatesp2

Cybozu ≫ Garoon Version2.5 Updatesp3

Cybozu ≫ Garoon Version2.5 Updatesp4

Cybozu ≫ Garoon Version2.5.0

Cybozu ≫ Garoon Version2.5.1

Cybozu ≫ Garoon Version2.5.2

Cybozu ≫ Garoon Version2.5.3

Cybozu ≫ Garoon Version2.5.4

Cybozu ≫ Garoon Version3.0

Cybozu ≫ Garoon Version3.0 Updatesp1

Cybozu ≫ Garoon Version3.0 Updatesp2

Cybozu ≫ Garoon Version3.0 Updatesp3

Cybozu ≫ Garoon Version3.1

Cybozu ≫ Garoon Version3.1 Updatesp1

Cybozu ≫ Garoon Version3.1 Updatesp2

Cybozu ≫ Garoon Version3.1 Updatesp3

Cybozu ≫ Garoon Version3.5

Cybozu ≫ Garoon Version3.5 Updatesp1

Cybozu ≫ Garoon Version3.5 Updatesp2

Cybozu ≫ Garoon Version3.5 Updatesp3

Cybozu ≫ Garoon Version3.5 Updatesp4

Cybozu ≫ Garoon Version3.5 Updatesp5

Cybozu ≫ Garoon Version3.5.3

Cybozu ≫ Garoon Version3.7

Cybozu ≫ Garoon Version3.7 Updatesp1

Cybozu ≫ Garoon Version3.7 Updatesp2

Cybozu ≫ Garoon Version3.7 Updatesp3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.22%	0.414

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.9	6.8	4.9	AV:N/AC:M/Au:S/C:P/I:P/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://cs.cybozu.co.jp/information/gr20140225up03.php

Vendor Advisory

http://jvn.jp/en/jp/JVN24035499/index.html

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000021

https://support.cybozu.com/ja-jp/article/7992

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2014-0817

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-0817

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-0817

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2014-0817