Search criteria
3 vulnerabilities found for Cybozu Dotsales by Cybozu, Inc.
JVNDB-2010-000016
Vulnerability from jvndb - Published: 2010-04-21 17:27 - Updated:2010-04-21 17:27Summary
Multiple Cybozu products vulnerable to authentication bypass
Details
Multiple Cybozu products contain an authentication bypass vulnerability.
Multiple Cybozu products contain an issue in which the login page for mobile devices is not properly restrcited, leading to an authentication bypass vulnerability. As a result, an attacker may impersonate a user of a Cybozu product.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000016.html",
"dc:date": "2010-04-21T17:27+09:00",
"dcterms:issued": "2010-04-21T17:27+09:00",
"dcterms:modified": "2010-04-21T17:27+09:00",
"description": "Multiple Cybozu products contain an authentication bypass vulnerability.\r\n\r\nMultiple Cybozu products contain an issue in which the login page for mobile devices is not properly restrcited, leading to an authentication bypass vulnerability. As a result, an attacker may impersonate a user of a Cybozu product.",
"link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000016.html",
"sec:cpe": [
{
"#text": "cpe:/a:cybozu:dotsales",
"@product": "Cybozu Dotsales",
"@vendor": "Cybozu, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:cybozu:office",
"@product": "Cybozu Office",
"@vendor": "Cybozu, Inc.",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "5.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2010-000016",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN87730223/index.html",
"@id": "JVN#87730223",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2029",
"@id": "CVE-2010-2029",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2029",
"@id": "CVE-2010-2029",
"@source": "NVD"
},
{
"#text": "http://www.ipa.go.jp/security/english/vuln/201004_cybozu_en.html",
"@id": "Security Alert for Vulnerability in Multiple Cybozu Products",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "http://secunia.com/advisories/39508",
"@id": "SA39508",
"@source": "SECUNIA"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/57976",
"@id": "57976",
"@source": "XF"
},
{
"#text": "http://www.osvdb.org/63933",
"@id": "63933",
"@source": "OSVDB"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-264",
"@title": "Permissions(CWE-264)"
}
],
"title": "Multiple Cybozu products vulnerable to authentication bypass"
}
JVNDB-2007-000813
Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00Summary
Multiple Cybozu products vulnerable to cross-site scripting
Details
Multiple Cybozu products are vulnerable to cross-site scripting.
Multiple Cybozu products are vulnerable to cross-site scripting. This vulnerability is different from JVN#90712589.
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000813.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "Multiple Cybozu products are vulnerable to cross-site scripting.\r\n\r\nMultiple Cybozu products are vulnerable to cross-site scripting. This vulnerability is different from JVN#90712589.",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000813.html",
"sec:cpe": [
{
"#text": "cpe:/a:cybozu:dotsales",
"@product": "Cybozu Dotsales",
"@vendor": "Cybozu, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:cybozu:garoon",
"@product": "Cybozu Garoon",
"@vendor": "Cybozu, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:cybozu:office",
"@product": "Cybozu Office",
"@vendor": "Cybozu, Inc.",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-000813",
"sec:references": {
"#text": "http://jvn.jp/en/jp/JVN50342989/index.html",
"@id": "JVN#50342989",
"@source": "JVN"
},
"title": "Multiple Cybozu products vulnerable to cross-site scripting"
}
JVNDB-2007-000815
Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00Summary
Multiple Cybozu products vulnerable to cross-site scripting
Details
Multiple Cybozu products are vulnerable to cross-site scripting.
Multiple Cybozu products are vulnerable to cross-site scripting. This vulnerability is different from JVN#50342989.
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000815.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "Multiple Cybozu products are vulnerable to cross-site scripting.\r\n\r\nMultiple Cybozu products are vulnerable to cross-site scripting. This vulnerability is different from JVN#50342989.",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000815.html",
"sec:cpe": [
{
"#text": "cpe:/a:cybozu:dotsales",
"@product": "Cybozu Dotsales",
"@vendor": "Cybozu, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:cybozu:garoon",
"@product": "Cybozu Garoon",
"@vendor": "Cybozu, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:cybozu:office",
"@product": "Cybozu Office",
"@vendor": "Cybozu, Inc.",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-000815",
"sec:references": {
"#text": "http://jvn.jp/en/jp/JVN90712589/index.html",
"@id": "JVN#90712589",
"@source": "JVN"
},
"title": "Multiple Cybozu products vulnerable to cross-site scripting"
}