CVE-2021-20632
First published: Thu Mar 18 2021(Updated: )
Improper access control vulnerability in Bulletin Board of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the data of Bulletin Board via unspecified vectors.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cybozu Office | >=10.0.0<=10.8.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-20632?
CVE-2021-20632 is an improper access control vulnerability in Bulletin Board of Cybozu Office 10.0.0 to 10.8.4.
What is the severity of CVE-2021-20632?
The severity of CVE-2021-20632 is medium with a CVSS score of 4.3.
How can an attacker exploit CVE-2021-20632?
Authenticated attackers can exploit CVE-2021-20632 to bypass access restrictions and obtain data from the Bulletin Board of Cybozu Office.
Which versions of Cybozu Office are affected by CVE-2021-20632?
Cybozu Office versions 10.0.0 to 10.8.4 are affected by CVE-2021-20632.
Is there a fix for CVE-2021-20632?
Yes, a fix for CVE-2021-20632 is available. Please refer to the official Cybozu Office website for more information.
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/cybozu
- canonical/cybozu office
- version/cybozu office/10.0.0
- version/cybozu office/10.8.4