Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0817

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2014-0817
Last Modified 27 Feb 2014 12:08:54
Published 26 Feb 2014 08:55:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2014-0817

Summary

Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 does not properly manage sessions, which allows remote authenticated users to impersonate arbitrary users via unspecified vectors.

Vulnerable Systems

Application

  • Cybozu Garoon 2.0

  • Cybozu Garoon 2.0.0

  • Cybozu Garoon 2.0.1

  • Cybozu Garoon 2.0.2

  • Cybozu Garoon 2.0.3

  • Cybozu Garoon 2.0.4

  • Cybozu Garoon 2.0.5

  • Cybozu Garoon 2.0.6

  • Cybozu Garoon 2.1

  • Cybozu Garoon 2.1.0

  • Cybozu Garoon 2.1.1

  • Cybozu Garoon 2.1.2

  • Cybozu Garoon 2.1.3

  • Cybozu Garoon 2.5

  • Cybozu Garoon 2.5.0

  • Cybozu Garoon 2.5.1

  • Cybozu Garoon 2.5.2

  • Cybozu Garoon 2.5.3

  • Cybozu Garoon 2.5.4

  • Cybozu Garoon 3.0

  • Cybozu Garoon 3.1

  • Cybozu Garoon 3.5

  • Cybozu Garoon 3.5.3

  • Cybozu Garoon 3.7


References

CONFIRM - https://support.cybozu.com/ja-jp/article/7992

JVNDB - JVNDB-2014-000021

JVN - JVN#24035499

CONFIRM - http://cs.cybozu.co.jp/information/gr20140225up03.php


Last Updated: 27 May 2016 10:55:16