CVE-2022-29512: Infoleak
First published: Mon Jul 11 2022(Updated: )
Exposure of sensitive information to an unauthorized actor issue in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data without the viewing privilege.
Credit: vultures@jpcert.or.jp vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cybozu Garoon | >=4.0.0<=5.9.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2022-29512.
What is the severity of CVE-2022-29512?
The severity of CVE-2022-29512 is medium with a CVSS score of 6.5.
Which applications of Cybozu Garoon are affected by CVE-2022-29512?
CVE-2022-29512 affects multiple applications of Cybozu Garoon version 4.0.0 to 5.9.1.
How does CVE-2022-29512 impact the affected applications?
CVE-2022-29512 allows a remote authenticated attacker to obtain sensitive information without the viewing privilege.
Are there any recommended references for CVE-2022-29512?
Yes, you can refer to the official advisory from Cybozu at https://cs.cybozu.co.jp/2022/007682.html and the JVN page at https://jvn.jp/en/jp/JVN14077132/index.html for more information on CVE-2022-29512.
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/weakness
- agent/references
- agent/severity
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/cybozu
- canonical/cybozu garoon
- version/cybozu garoon/4.0.0
- version/cybozu garoon/5.9.1