cvelistv5 - CVE-2008-6744

CVE-2008-6744

Vulnerability from cvelistv5

Published

2009-04-23 17:00

Modified

2024-08-07 11:42

Severity ?

Summary

Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

References

URL	Tags
cve@mitre.org	http://cybozu.co.jp/products/dl/notice/detail/0016.html	Vendor Advisory
cve@mitre.org	http://cybozu.co.jp/products/dl/notice/detail/0018.html	Vendor Advisory
cve@mitre.org	http://jvn.jp/en/jp/JVN18405927/index.html
cve@mitre.org	http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html
cve@mitre.org	http://osvdb.org/46575
cve@mitre.org	http://secunia.com/advisories/30882	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/43438

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T11:42:00.049Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cybozu.co.jp/products/dl/notice/detail/0016.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cybozu.co.jp/products/dl/notice/detail/0018.html"
          },
          {
            "name": "JVN#18405927",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN18405927/index.html"
          },
          {
            "name": "JVNDB-2008-000033",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html"
          },
          {
            "name": "garoon-unspecified-csrf(43438)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43438"
          },
          {
            "name": "30882",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30882"
          },
          {
            "name": "46575",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/46575"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cybozu.co.jp/products/dl/notice/detail/0016.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cybozu.co.jp/products/dl/notice/detail/0018.html"
        },
        {
          "name": "JVN#18405927",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN18405927/index.html"
        },
        {
          "name": "JVNDB-2008-000033",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html"
        },
        {
          "name": "garoon-unspecified-csrf(43438)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43438"
        },
        {
          "name": "30882",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30882"
        },
        {
          "name": "46575",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/46575"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-6744",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://cybozu.co.jp/products/dl/notice/detail/0016.html",
              "refsource": "CONFIRM",
              "url": "http://cybozu.co.jp/products/dl/notice/detail/0016.html"
            },
            {
              "name": "http://cybozu.co.jp/products/dl/notice/detail/0018.html",
              "refsource": "CONFIRM",
              "url": "http://cybozu.co.jp/products/dl/notice/detail/0018.html"
            },
            {
              "name": "JVN#18405927",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN18405927/index.html"
            },
            {
              "name": "JVNDB-2008-000033",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html"
            },
            {
              "name": "garoon-unspecified-csrf(43438)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43438"
            },
            {
              "name": "30882",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30882"
            },
            {
              "name": "46575",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/46575"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-6744",
    "datePublished": "2009-04-23T17:00:00",
    "dateReserved": "2009-04-23T00:00:00",
    "dateUpdated": "2024-08-07T11:42:00.049Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-6744\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-04-23T17:30:00.233\",\"lastModified\":\"2017-08-17T01:29:32.257\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en Cybozu Office v6, Cybozu Dezie anteriores a v6.0(1.0), y Cybozu Garoon v2.0.0 hasta la v2.1.3 permite a atacantes remotos secuestrar la autenticaci\u00f3n de victimas inespec\u00edficas a trav\u00e9s de vectores desconocidos.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":6.8},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cybozu:cybozu_dezie:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6\",\"matchCriteriaId\":\"BEF18E01-4AC8-42D8-A6C5-C6D43975E591\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cybozu:cybozu_garoon:2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AA522EF-30FD-4084-90CE-53281588032B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cybozu:cybozu_garoon:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"801F2F15-F3A3-4322-8431-30D60DF100A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cybozu:cybozu_garoon:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A7FF28F-A677-41C7-9A24-EA25FA122319\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cybozu:cybozu_garoon:2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85989F0A-8913-4BC8-ABD5-113C5E42C9A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cybozu:cybozu_garoon:2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"594992A0-B9B0-4986-AC14-E17F9D9697AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cybozu:cybozu_garoon:2.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"171FF417-00A7-4404-99EA-029B1574F724\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cybozu:cybozu_garoon:2.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5801F2B2-523A-47C9-A21A-625357961199\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cybozu:cybozu_garoon:2.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6DB31B6-C2B0-432B-B0EC-EC3A0218E818\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cybozu:cybozu_garoon:2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A804339-9D42-4914-850D-A3B15BDBE8CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cybozu:cybozu_garoon:2.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"998A4F76-9945-4F75-AF15-90409F210B19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cybozu:cybozu_garoon:2.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F84B0A2D-C60F-41DB-93B3-E3896543A0ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cybozu:cybozu_office:6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0B6B282-E664-4629-B028-C04CAB527D61\"}]}]}],\"references\":[{\"url\":\"http://cybozu.co.jp/products/dl/notice/detail/0016.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://cybozu.co.jp/products/dl/notice/detail/0018.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://jvn.jp/en/jp/JVN18405927/index.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/46575\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/30882\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/43438\",\"source\":\"cve@mitre.org\"}]}}"
  }
}

CVE-2008-6744

Vulnerability from jvndb

Published

2008-07-08 12:14

Modified

2008-07-08 12:14

Severity ?

() - -

Summary

Multiple Cybozu products vulnerable to cross-site request forgery

Details

Multiple Cybozu products contain a cross-site request forgery vulnerability. Daiki Fukumori of Secure Sky Technology, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.

References

▼	Type	URL
	JVN	http://jvn.jp/en/jp/JVN18405927/index.html
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6744
	NVD	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6744
	SECUNIA	http://secunia.com/advisories/30882
	OSVDB	http://osvdb.org/46575
	JVNDB_Ja	http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html

Impacted products

▼	Vendor	Product
	Cybozu, Inc.	Cybozu Dezie
	Cybozu, Inc.	Cybozu Garoon
	Cybozu, Inc.	Cybozu Office

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000033.html",
  "dc:date": "2008-07-08T12:14+09:00",
  "dcterms:issued": "2008-07-08T12:14+09:00",
  "dcterms:modified": "2008-07-08T12:14+09:00",
  "description": "Multiple Cybozu products contain a cross-site request forgery vulnerability.\r\n\r\nDaiki Fukumori of Secure Sky Technology, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000033.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:cybozu:dezie",
      "@product": "Cybozu Dezie",
      "@vendor": "Cybozu, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:cybozu:garoon",
      "@product": "Cybozu Garoon",
      "@vendor": "Cybozu, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:cybozu:office",
      "@product": "Cybozu Office",
      "@vendor": "Cybozu, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "2.6",
    "@severity": "Low",
    "@type": "Base",
    "@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2008-000033",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN18405927/index.html",
      "@id": "JVN#18405927",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6744",
      "@id": "CVE-2008-6744",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6744",
      "@id": "CVE-2008-6744",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/30882",
      "@id": "SA30882",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://osvdb.org/46575",
      "@id": "46575",
      "@source": "OSVDB"
    },
    {
      "#text": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html",
      "@id": "JVNDB-2008-000033",
      "@source": "JVNDB_Ja"
    }
  ],
  "title": "Multiple Cybozu products vulnerable to cross-site request forgery"
}

ghsa-f8rw-q24p-fwwr

Vulnerability from github

Published

2022-05-17 02:10

Modified

2022-05-17 02:10

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-6744"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-352"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-04-23T17:30:00Z",
    "severity": "MODERATE"
  },
  "details": "Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.",
  "id": "GHSA-f8rw-q24p-fwwr",
  "modified": "2022-05-17T02:10:27Z",
  "published": "2022-05-17T02:10:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-6744"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43438"
    },
    {
      "type": "WEB",
      "url": "http://cybozu.co.jp/products/dl/notice/detail/0016.html"
    },
    {
      "type": "WEB",
      "url": "http://cybozu.co.jp/products/dl/notice/detail/0018.html"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/en/jp/JVN18405927/index.html"
    },
    {
      "type": "WEB",
      "url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/46575"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30882"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2008-6744

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Aliases

CVE-2008-6744

Aliases

CVE-2008-6744

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-6744",
    "description": "Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.",
    "id": "GSD-2008-6744"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-6744"
      ],
      "details": "Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.",
      "id": "GSD-2008-6744",
      "modified": "2023-12-13T01:23:02.180357Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-6744",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://cybozu.co.jp/products/dl/notice/detail/0016.html",
            "refsource": "CONFIRM",
            "url": "http://cybozu.co.jp/products/dl/notice/detail/0016.html"
          },
          {
            "name": "http://cybozu.co.jp/products/dl/notice/detail/0018.html",
            "refsource": "CONFIRM",
            "url": "http://cybozu.co.jp/products/dl/notice/detail/0018.html"
          },
          {
            "name": "JVN#18405927",
            "refsource": "JVN",
            "url": "http://jvn.jp/en/jp/JVN18405927/index.html"
          },
          {
            "name": "JVNDB-2008-000033",
            "refsource": "JVNDB",
            "url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html"
          },
          {
            "name": "garoon-unspecified-csrf(43438)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43438"
          },
          {
            "name": "30882",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/30882"
          },
          {
            "name": "46575",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/46575"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cybozu:cybozu_garoon:2.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cybozu:cybozu_garoon:2.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cybozu:cybozu_garoon:2.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cybozu:cybozu_garoon:2.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cybozu:cybozu_garoon:2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cybozu:cybozu_office:6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cybozu:cybozu_garoon:2.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cybozu:cybozu_garoon:2.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cybozu:cybozu_garoon:2.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cybozu:cybozu_garoon:2.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cybozu:cybozu_garoon:2.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cybozu:cybozu_garoon:2.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cybozu:cybozu_dezie:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-6744"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-352"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "46575",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/46575"
            },
            {
              "name": "http://cybozu.co.jp/products/dl/notice/detail/0016.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://cybozu.co.jp/products/dl/notice/detail/0016.html"
            },
            {
              "name": "http://cybozu.co.jp/products/dl/notice/detail/0018.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://cybozu.co.jp/products/dl/notice/detail/0018.html"
            },
            {
              "name": "30882",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/30882"
            },
            {
              "name": "JVN#18405927",
              "refsource": "JVN",
              "tags": [],
              "url": "http://jvn.jp/en/jp/JVN18405927/index.html"
            },
            {
              "name": "JVNDB-2008-000033",
              "refsource": "JVNDB",
              "tags": [],
              "url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html"
            },
            {
              "name": "garoon-unspecified-csrf(43438)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43438"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2017-08-17T01:29Z",
      "publishedDate": "2009-04-23T17:30Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2008-6744

Vulnerability from cvelistv5

CVE-2008-6744

Vulnerability from jvndb

ghsa-f8rw-q24p-fwwr

Vulnerability from github

gsd-2008-6744

Vulnerability from gsd

Tags

Sightings

Nomenclature