Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-1989

Overview

Vulnerability Score 6.0 6.0
CVE Id CVE-2014-1989
Last Modified 02 May 2014 11:35:28
Published 02 May 2014 06:55:07
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2014-1989

Summary

Cybozu Garoon 3.0 through 3.7 SP3 allows remote authenticated users to bypass intended access restrictions and delete schedule information via unspecified API calls.

Vulnerable Systems

Application

  • Cybozu Garoon 3.0.0

  • Cybozu Garoon 3.0.1

  • Cybozu Garoon 3.0.2

  • Cybozu Garoon 3.0.3

  • Cybozu Garoon 3.1.0

  • Cybozu Garoon 3.1.1

  • Cybozu Garoon 3.1.2

  • Cybozu Garoon 3.1.3

  • Cybozu Garoon 3.5.0

  • Cybozu Garoon 3.5.1

  • Cybozu Garoon 3.5.2

  • Cybozu Garoon 3.5.3

  • Cybozu Garoon 3.5.4

  • Cybozu Garoon 3.5.5

  • Cybozu Garoon 3.7

  • Cybozu Garoon 3.7.0

  • Cybozu Garoon 3.7.1

  • Cybozu Garoon 3.7.2


References

CONFIRM - https://support.cybozu.com/ja/article/5264

JVNDB - JVNDB-2014-000043

JVN - JVN#31230946


Last Updated: 27 May 2016 11:05:10