Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0820

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2014-0820
Last Modified 13 Aug 2015 01:53:29
Published 26 Feb 2014 08:55:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2014-0820

Summary

Directory traversal vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to read arbitrary files via unspecified vectors.

Vulnerable Systems

Application

  • Cybozu Garoon 2.0

  • Cybozu Garoon 2.0.0

  • Cybozu Garoon 2.0.1

  • Cybozu Garoon 2.0.2

  • Cybozu Garoon 2.0.3

  • Cybozu Garoon 2.0.4

  • Cybozu Garoon 2.0.5

  • Cybozu Garoon 2.0.6

  • Cybozu Garoon 2.1

  • Cybozu Garoon 2.1.0

  • Cybozu Garoon 2.1.1

  • Cybozu Garoon 2.1.2

  • Cybozu Garoon 2.1.3

  • Cybozu Garoon 2.5

  • Cybozu Garoon 2.5.0

  • Cybozu Garoon 2.5.1

  • Cybozu Garoon 2.5.2

  • Cybozu Garoon 2.5.3

  • Cybozu Garoon 2.5.4

  • Cybozu Garoon 3.0

  • Cybozu Garoon 3.1

  • Cybozu Garoon 3.5

  • Cybozu Garoon 3.5.3

  • Cybozu Garoon 3.7


References

CONFIRM - https://support.cybozu.com/ja-jp/article/7994

JVNDB - JVNDB-2014-000023

JVN - JVN#26393529

CONFIRM - http://cs.cybozu.co.jp/information/gr20140225up05.php

BID - 65815


Last Updated: 27 May 2016 10:55:16