CVE-2017-2095
First published: Fri Apr 28 2017(Updated: )
Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in the mail function leading to an alteration of the order of mail folders via unspecified vectors.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cybozu Garoon | =3.0.0 | |
| Cybozu Garoon | =3.0.1 | |
| Cybozu Garoon | =3.0.2 | |
| Cybozu Garoon | =3.0.3 | |
| Cybozu Garoon | =3.1.0 | |
| Cybozu Garoon | =3.1.1 | |
| Cybozu Garoon | =3.1.2 | |
| Cybozu Garoon | =3.1.3 | |
| Cybozu Garoon | =3.5.0 | |
| Cybozu Garoon | =3.5.1 | |
| Cybozu Garoon | =3.5.2 | |
| Cybozu Garoon | =3.5.3 | |
| Cybozu Garoon | =3.5.4 | |
| Cybozu Garoon | =3.5.5 | |
| Cybozu Garoon | =3.7.0 | |
| Cybozu Garoon | =3.7.1 | |
| Cybozu Garoon | =3.7.2 | |
| Cybozu Garoon | =3.7.3 | |
| Cybozu Garoon | =3.7.4 | |
| Cybozu Garoon | =3.7.5 | |
| Cybozu Garoon | =4.0.0 | |
| Cybozu Garoon | =4.0.1 | |
| Cybozu Garoon | =4.0.2 | |
| Cybozu Garoon | =4.0.3 | |
| Cybozu Garoon | =4.2.0 | |
| Cybozu Garoon | =4.2.1 | |
| Cybozu Garoon | =4.2.2 | |
| Cybozu Garoon | =4.2.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-2095?
CVE-2017-2095 is considered a medium severity vulnerability due to its potential impact on user data and access controls.
How do I fix CVE-2017-2095?
To fix CVE-2017-2095, update the Cybozu Garoon application to version 4.2.4 or later.
What versions are affected by CVE-2017-2095?
CVE-2017-2095 affects Cybozu Garoon versions from 3.0.0 to 4.2.3.
What type of attack does CVE-2017-2095 enable?
CVE-2017-2095 enables remote authenticated attackers to bypass access restrictions in the mail function.
Can CVE-2017-2095 affect my email functionality?
Yes, CVE-2017-2095 can alter the order of mail folders, potentially disrupting your email functionality.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/cybozu
- canonical/cybozu garoon
- version/cybozu garoon/3.0.0
- version/cybozu garoon/3.0.1
- version/cybozu garoon/3.0.2
- version/cybozu garoon/3.0.3
- version/cybozu garoon/3.1.0
- version/cybozu garoon/3.1.1
- version/cybozu garoon/3.1.2
- version/cybozu garoon/3.1.3
- version/cybozu garoon/3.5.0
- version/cybozu garoon/3.5.1
- version/cybozu garoon/3.5.2
- version/cybozu garoon/3.5.3
- version/cybozu garoon/3.5.4
- version/cybozu garoon/3.5.5
- version/cybozu garoon/3.7.0
- version/cybozu garoon/3.7.1
- version/cybozu garoon/3.7.2
- version/cybozu garoon/3.7.3
- version/cybozu garoon/3.7.4
- version/cybozu garoon/3.7.5
- version/cybozu garoon/4.0.0
- version/cybozu garoon/4.0.1
- version/cybozu garoon/4.0.2
- version/cybozu garoon/4.0.3
- version/cybozu garoon/4.2.0
- version/cybozu garoon/4.2.1
- version/cybozu garoon/4.2.2
- version/cybozu garoon/4.2.3