What is the severity of CVE-2014-0820?

CVE-2014-0820 is considered a moderate severity vulnerability due to its ability to allow remote authenticated users to read arbitrary files.

How do I fix CVE-2014-0820?

To fix CVE-2014-0820, upgrade to a patched version of Cybozu Garoon that is not vulnerable to this directory traversal issue.

What versions of Cybozu Garoon are affected by CVE-2014-0820?

CVE-2014-0820 affects Cybozu Garoon versions 2.x through 2.5.4 and 3.x through 3.7 SP3.

What type of vulnerability is CVE-2014-0820?

CVE-2014-0820 is characterized as a directory traversal vulnerability within the download feature.

Who can exploit CVE-2014-0820?

CVE-2014-0820 can be exploited by remote authenticated users with access to the application.

Vulnerability/
CVE-2014-0820

medium

CWE

27/2/2014

12/4/2025

CVE-2014-0820: Path Traversal

First published: Thu Feb 27 2014(Updated: )

Directory traversal vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to read arbitrary files via unspecified vectors.

Credit: vultures@jpcert.or.jp

Affected Software	Affected Version	How to fix
Cybozu Garoon	=2.0-sp1
Cybozu Garoon	=2.0-sp2
Cybozu Garoon	=2.0-sp3
Cybozu Garoon	=2.0-sp4
Cybozu Garoon	=2.0-sp5
Cybozu Garoon	=2.0-sp6
Cybozu Garoon	=2.0.0
Cybozu Garoon	=2.0.1
Cybozu Garoon	=2.0.2
Cybozu Garoon	=2.0.3
Cybozu Garoon	=2.0.4
Cybozu Garoon	=2.0.5
Cybozu Garoon	=2.0.6
Cybozu Garoon	=2.1
Cybozu Garoon	=2.1-sp1
Cybozu Garoon	=2.1-sp2
Cybozu Garoon	=2.1-sp3
Cybozu Garoon	=2.1.0
Cybozu Garoon	=2.1.1
Cybozu Garoon	=2.1.2
Cybozu Garoon	=2.1.3
Cybozu Garoon	=2.5
Cybozu Garoon	=2.5-sp1
Cybozu Garoon	=2.5-sp2
Cybozu Garoon	=2.5-sp3
Cybozu Garoon	=2.5-sp4
Cybozu Garoon	=2.5.0
Cybozu Garoon	=2.5.1
Cybozu Garoon	=2.5.2
Cybozu Garoon	=2.5.3
Cybozu Garoon	=2.5.4
Cybozu Garoon	=3.0
Cybozu Garoon	=3.0-sp1
Cybozu Garoon	=3.0-sp2
Cybozu Garoon	=3.0-sp3
Cybozu Garoon	=3.1
Cybozu Garoon	=3.1-sp1
Cybozu Garoon	=3.1-sp2
Cybozu Garoon	=3.1-sp3
Cybozu Garoon	=3.5
Cybozu Garoon	=3.5-sp1
Cybozu Garoon	=3.5-sp2
Cybozu Garoon	=3.5-sp3
Cybozu Garoon	=3.5-sp4
Cybozu Garoon	=3.5-sp5
Cybozu Garoon	=3.5.3
Cybozu Garoon	=3.7
Cybozu Garoon	=3.7-sp1
Cybozu Garoon	=3.7-sp2
Cybozu Garoon	=3.7-sp3
	=2.0-sp1
	=2.0-sp2
	=2.0-sp3
	=2.0-sp4
	=2.0-sp5
	=2.0-sp6
	=2.0.0
	=2.0.1
	=2.0.2
	=2.0.3
	=2.0.4
	=2.0.5
	=2.0.6
	=2.1
	=2.1-sp1
	=2.1-sp2
	=2.1-sp3
	=2.1.0
	=2.1.1
	=2.1.2
	=2.1.3
	=2.5
	=2.5-sp1
	=2.5-sp2
	=2.5-sp3
	=2.5-sp4
	=2.5.0
	=2.5.1
	=2.5.2
	=2.5.3
	=2.5.4
	=3.0
	=3.0-sp1
	=3.0-sp2
	=3.0-sp3
	=3.1
	=3.1-sp1
	=3.1-sp2
	=3.1-sp3
	=3.5
	=3.5-sp1
	=3.5-sp2
	=3.5-sp3
	=3.5-sp4
	=3.5-sp5
	=3.5.3
	=3.7
	=3.7-sp1
	=3.7-sp2
	=3.7-sp3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-0820?
CVE-2014-0820 is considered a moderate severity vulnerability due to its ability to allow remote authenticated users to read arbitrary files.
How do I fix CVE-2014-0820?
To fix CVE-2014-0820, upgrade to a patched version of Cybozu Garoon that is not vulnerable to this directory traversal issue.
What versions of Cybozu Garoon are affected by CVE-2014-0820?
CVE-2014-0820 affects Cybozu Garoon versions 2.x through 2.5.4 and 3.x through 3.7 SP3.
What type of vulnerability is CVE-2014-0820?
CVE-2014-0820 is characterized as a directory traversal vulnerability within the download feature.
Who can exploit CVE-2014-0820?
CVE-2014-0820 can be exploited by remote authenticated users with access to the application.

collector/nvd-index
agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/weakness
agent/references
agent/description
agent/author
agent/first-publish-date
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
agent/event
vendor/cybozu
canonical/cybozu garoon
version/cybozu garoon/2.0-sp1
version/cybozu garoon/2.0-sp2
version/cybozu garoon/2.0-sp3
version/cybozu garoon/2.0-sp4
version/cybozu garoon/2.0-sp5
version/cybozu garoon/2.0-sp6
version/cybozu garoon/2.0.0
version/cybozu garoon/2.0.1
version/cybozu garoon/2.0.2
version/cybozu garoon/2.0.3
version/cybozu garoon/2.0.4
version/cybozu garoon/2.0.5
version/cybozu garoon/2.0.6
version/cybozu garoon/2.1
version/cybozu garoon/2.1-sp1
version/cybozu garoon/2.1-sp2
version/cybozu garoon/2.1-sp3
version/cybozu garoon/2.1.0
version/cybozu garoon/2.1.1
version/cybozu garoon/2.1.2
version/cybozu garoon/2.1.3
version/cybozu garoon/2.5
version/cybozu garoon/2.5-sp1
version/cybozu garoon/2.5-sp2
version/cybozu garoon/2.5-sp3
version/cybozu garoon/2.5-sp4
version/cybozu garoon/2.5.0
version/cybozu garoon/2.5.1
version/cybozu garoon/2.5.2
version/cybozu garoon/2.5.3
version/cybozu garoon/2.5.4
version/cybozu garoon/3.0
version/cybozu garoon/3.0-sp1
version/cybozu garoon/3.0-sp2
version/cybozu garoon/3.0-sp3
version/cybozu garoon/3.1
version/cybozu garoon/3.1-sp1
version/cybozu garoon/3.1-sp2
version/cybozu garoon/3.1-sp3
version/cybozu garoon/3.5
version/cybozu garoon/3.5-sp1
version/cybozu garoon/3.5-sp2
version/cybozu garoon/3.5-sp3
version/cybozu garoon/3.5-sp4
version/cybozu garoon/3.5-sp5
version/cybozu garoon/3.5.3
version/cybozu garoon/3.7
version/cybozu garoon/3.7-sp1
version/cybozu garoon/3.7-sp2
version/cybozu garoon/3.7-sp3