CVE-2008-6744: CSRF
First published: Thu Apr 23 2009(Updated: )
Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cybozu Garoon | =2.0.4 | |
| Cybozu Garoon | =2.0.0 | |
| Cybozu Garoon | =2.0.3 | |
| Cybozu Garoon | =2.1.0 | |
| Cybozu Garoon | =2.1.3 | |
| Cybozu Garoon | =2.1.1 | |
| Cybozu Office | =6 | |
| Cybozu Garoon | =2.0.5 | |
| Cybozu Garoon | =2.1.2 | |
| Cybozu Garoon | =2.0.6 | |
| Cybozu Dezie | <=6 | |
| Cybozu Garoon | =2.0.2 | |
| Cybozu Garoon | =2.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://osvdb.org/46575
- http://cybozu.co.jp/products/dl/notice/detail/0016.html
- http://cybozu.co.jp/products/dl/notice/detail/0018.html
- http://secunia.com/advisories/30882
- http://jvn.jp/en/jp/JVN18405927/index.html
- http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43438
Frequently Asked Questions
What is the severity of CVE-2008-6744?
CVE-2008-6744 is classified as a moderate severity vulnerability due to its nature as a cross-site request forgery (CSRF) risk.
How do I fix CVE-2008-6744?
To fix CVE-2008-6744, users should update to the latest versions of Cybozu Office and Cybozu Garoon that address this vulnerability.
Who is affected by CVE-2008-6744?
CVE-2008-6744 affects users of Cybozu Office version 6, Cybozu Garoon versions 2.0.0 to 2.1.3, and Cybozu Dezie before version 6.0(1.0).
What type of vulnerability is CVE-2008-6744?
CVE-2008-6744 is a cross-site request forgery (CSRF) vulnerability that can allow attackers to hijack user authentication.
What are the potential impacts of CVE-2008-6744?
The potential impacts of CVE-2008-6744 include unauthorized actions performed on behalf of victims, leading to compromised accounts and data.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/references
- agent/last-modified-date
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/weakness
- vendor/cybozu
- canonical/cybozu garoon
- version/cybozu garoon/2.0.4
- version/cybozu garoon/2.0.0
- version/cybozu garoon/2.0.3
- version/cybozu garoon/2.1.0
- version/cybozu garoon/2.1.3
- version/cybozu garoon/2.1.1
- canonical/cybozu office
- version/cybozu office/6
- version/cybozu garoon/2.0.5
- version/cybozu garoon/2.1.2
- version/cybozu garoon/2.0.6
- canonical/cybozu dezie
- version/cybozu dezie/6
- version/cybozu garoon/2.0.2
- version/cybozu garoon/2.0.1