First published: Fri May 17 2019(Updated: )
Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to bypass access restriction to view the information without view privileges via the application 'Bulletin' and the application 'Cabinet'.
Credit: vultures@jpcert.or.jp
Affected Software | Affected Version | How to fix |
---|---|---|
Cybozu Garoon | >=4.0.0<=4.10.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this security issue is CVE-2019-5943.
The severity level of CVE-2019-5943 is medium with a score of 4.3.
CVE-2019-5943 affects Cybozu Garoon versions 4.0.0 to 4.10.1.
Remote authenticated attackers can exploit CVE-2019-5943 by bypassing access restrictions to view information without view privileges through the 'Bulletin' and 'Cabinet' applications.
You can find more information about CVE-2019-5943 at the following references: [http://jvn.jp/en/jp/JVN58849431/index.html](http://jvn.jp/en/jp/JVN58849431/index.html) and [https://kb.cybozu.support/article/35486/](https://kb.cybozu.support/article/35486/).