CVE-2022-28692: Input Validation
First published: Mon Jul 04 2022(Updated: )
Improper input validation vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Scheduler.
Credit: vultures@jpcert.or.jp vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cybozu Garoon | >=4.0.0<=5.5.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for the improper input validation vulnerability in Cybozu Garoon?
The vulnerability ID is CVE-2022-28692.
What is the affected software version range for the Cybozu Garoon vulnerability?
The vulnerability affects Cybozu Garoon versions 4.0.0 to 5.5.1.
How can an attacker exploit the improper input validation vulnerability in Scheduler?
An attacker with remote authenticated access can use this vulnerability to alter Scheduler data.
What is the severity rating for the Cybozu Garoon vulnerability?
The severity rating is medium with a CVSS score of 4.3.
Are there any official references for the Cybozu Garoon vulnerability?
Yes, you can find more information about the vulnerability at the following references: [Reference 1](https://cs.cybozu.co.jp/2022/007429.html), [Reference 2](https://jvn.jp/en/jp/JVN73897863/index.html).
- collector/nvd-api
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/cybozu
- canonical/cybozu garoon
- version/cybozu garoon/4.0.0
- version/cybozu garoon/5.5.1