Search a vulnerability

jvndb-2010-000016

Vulnerability from jvndb

Published

2010-04-21 17:27

Modified

2010-04-21 17:27

Severity ?

() - -

Summary

Multiple Cybozu products vulnerable to authentication bypass

Details

Multiple Cybozu products contain an authentication bypass vulnerability. Multiple Cybozu products contain an issue in which the login page for mobile devices is not properly restrcited, leading to an authentication bypass vulnerability. As a result, an attacker may impersonate a user of a Cybozu product.

References

▼	Type	URL
	JVN	http://jvn.jp/en/jp/JVN87730223/index.html
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2029
	NVD	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2029
	IPA SECURITY ALERTS	http://www.ipa.go.jp/security/english/vuln/201004_cybozu_en.html
	SECUNIA	http://secunia.com/advisories/39508
	XF	http://xforce.iss.net/xforce/xfdb/57976
	OSVDB	http://www.osvdb.org/63933
	Permissions(CWE-264)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

▼	Vendor	Product
	Cybozu, Inc.	Cybozu Dotsales
	Cybozu, Inc.	Cybozu Office

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000016.html",
  "dc:date": "2010-04-21T17:27+09:00",
  "dcterms:issued": "2010-04-21T17:27+09:00",
  "dcterms:modified": "2010-04-21T17:27+09:00",
  "description": "Multiple Cybozu products contain an authentication bypass vulnerability.\r\n\r\nMultiple Cybozu products contain an issue in which the login page for mobile devices is not properly restrcited, leading to an authentication bypass vulnerability. As a result, an attacker may impersonate a user of a Cybozu product.",
  "link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000016.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:cybozu:dotsales",
      "@product": "Cybozu Dotsales",
      "@vendor": "Cybozu, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:cybozu:office",
      "@product": "Cybozu Office",
      "@vendor": "Cybozu, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "5.8",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2010-000016",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN87730223/index.html",
      "@id": "JVN#87730223",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2029",
      "@id": "CVE-2010-2029",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2029",
      "@id": "CVE-2010-2029",
      "@source": "NVD"
    },
    {
      "#text": "http://www.ipa.go.jp/security/english/vuln/201004_cybozu_en.html",
      "@id": "Security Alert for Vulnerability in Multiple Cybozu Products",
      "@source": "IPA SECURITY ALERTS"
    },
    {
      "#text": "http://secunia.com/advisories/39508",
      "@id": "SA39508",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://xforce.iss.net/xforce/xfdb/57976",
      "@id": "57976",
      "@source": "XF"
    },
    {
      "#text": "http://www.osvdb.org/63933",
      "@id": "63933",
      "@source": "OSVDB"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-264",
      "@title": "Permissions(CWE-264)"
    }
  ],
  "title": "Multiple Cybozu products vulnerable to authentication bypass"
}

jvndb-2007-000813

Vulnerability from jvndb

Published

2008-05-21 00:00

Modified

2008-05-21 00:00

Severity ?

() - -

Summary

Multiple Cybozu products vulnerable to cross-site scripting

Details

Multiple Cybozu products are vulnerable to cross-site scripting. Multiple Cybozu products are vulnerable to cross-site scripting. This vulnerability is different from JVN#90712589.

References

▼	Type	URL

Impacted products

▼	Vendor	Product
	Cybozu, Inc.	Cybozu Dotsales
	Cybozu, Inc.	Cybozu Garoon
	Cybozu, Inc.	Cybozu Office

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000813.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "Multiple Cybozu products are vulnerable to cross-site scripting.\r\n\r\nMultiple Cybozu products are vulnerable to cross-site scripting. This vulnerability is different from JVN#90712589.",
  "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000813.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:cybozu:dotsales",
      "@product": "Cybozu Dotsales",
      "@vendor": "Cybozu, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:cybozu:garoon",
      "@product": "Cybozu Garoon",
      "@vendor": "Cybozu, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:cybozu:office",
      "@product": "Cybozu Office",
      "@vendor": "Cybozu, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "4.3",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2007-000813",
  "sec:references": {
    "#text": "http://jvn.jp/en/jp/JVN50342989/index.html",
    "@id": "JVN#50342989",
    "@source": "JVN"
  },
  "title": "Multiple Cybozu products vulnerable to cross-site scripting"
}

jvndb-2007-000815

Vulnerability from jvndb

Published

2008-05-21 00:00

Modified

2008-05-21 00:00

Severity ?

() - -

Summary

Multiple Cybozu products vulnerable to cross-site scripting

Details

Multiple Cybozu products are vulnerable to cross-site scripting. Multiple Cybozu products are vulnerable to cross-site scripting. This vulnerability is different from JVN#50342989.

References

▼	Type	URL

Impacted products

▼	Vendor	Product
	Cybozu, Inc.	Cybozu Dotsales
	Cybozu, Inc.	Cybozu Garoon
	Cybozu, Inc.	Cybozu Office

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000815.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "Multiple Cybozu products are vulnerable to cross-site scripting.\r\n\r\nMultiple Cybozu products are vulnerable to cross-site scripting. This vulnerability is different from JVN#50342989.",
  "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000815.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:cybozu:dotsales",
      "@product": "Cybozu Dotsales",
      "@vendor": "Cybozu, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:cybozu:garoon",
      "@product": "Cybozu Garoon",
      "@vendor": "Cybozu, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:cybozu:office",
      "@product": "Cybozu Office",
      "@vendor": "Cybozu, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "4.3",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2007-000815",
  "sec:references": {
    "#text": "http://jvn.jp/en/jp/JVN90712589/index.html",
    "@id": "JVN#90712589",
    "@source": "JVN"
  },
  "title": "Multiple Cybozu products vulnerable to cross-site scripting"
}

All the vulnerabilites related to Cybozu, Inc. - Cybozu Dotsales

jvndb-2010-000016

Vulnerability from jvndb

jvndb-2007-000813

Vulnerability from jvndb

jvndb-2007-000815

Vulnerability from jvndb