CVE-2022-29891
First published: Thu Aug 18 2022(Updated: )
Browse restriction bypass vulnerability in Custom Ap of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Custom App via unspecified vectors.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cybozu Office | >=10.0.0<=10.8.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this browse restriction bypass vulnerability?
The vulnerability ID for this browse restriction bypass vulnerability is CVE-2022-29891.
What is the severity level of CVE-2022-29891?
The severity level of CVE-2022-29891 is medium with a CVSS score of 4.3.
What is affected by CVE-2022-29891?
Cybozu Office versions 10.0.0 to 10.8.5 are affected by CVE-2022-29891.
How does CVE-2022-29891 work?
CVE-2022-29891 allows a remote authenticated attacker to bypass browse restrictions and obtain the data of a Custom App.
Are there any references for more information about CVE-2022-29891?
Yes, you can find more information about CVE-2022-29891 at the following references: [1](https://cs.cybozu.co.jp/2022/007584.html), [2](https://jvn.jp/en/jp/JVN20573662/index.html).
- collector/nvd-index
- agent/references
- agent/event
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/cybozu
- canonical/cybozu office
- version/cybozu office/10.0.0
- version/cybozu office/10.8.5