CVE-2019-6022: Path Traversal
First published: Thu Dec 26 2019(Updated: )
Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to alter arbitrary files via the 'Customapp' function.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cybozu Office | >=10.0.0<=10.8.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2019-6022?
The severity of CVE-2019-6022 is medium (6.5).
What is the affected software version range for CVE-2019-6022?
The affected software version range for CVE-2019-6022 is Cybozu Office 10.0.0 to 10.8.3.
How does the directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 work?
The directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to alter arbitrary files via the 'Customapp' function.
Is remote authentication required to exploit CVE-2019-6022?
Yes, remote authentication is required to exploit CVE-2019-6022.
Where can I find more information about CVE-2019-6022?
You can find more information about CVE-2019-6022 in the following references: [1] http://jvn.jp/en/jp/JVN79854355/index.html [2] https://kb.cybozu.support/article/36124
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/cybozu
- canonical/cybozu office
- version/cybozu office/10.0.0
- version/cybozu office/10.8.3