CVE-2014-0820

Sažetak

Directory traversal vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to read arbitrary files via unspecified vectors.

Reference

http://cs.cybozu.co.jp/information/gr20140225up05.php
http://jvn.jp/en/jp/JVN26393529/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000023
http://www.securityfocus.com/bid/65815
https://support.cybozu.com/ja-jp/article/7994

CVSS

Base:	4.0
Impact:	2.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:N/A:N

Zadnje važnije ažuriranje

13-08-2015 - 17:53

Objavljeno

27-02-2014 - 01:55