github - ghsa-9r6h-78r4-2rm5

ghsa-9r6h-78r4-2rm5

Vulnerability from github

Published

2022-05-17 04:09

Modified

2022-05-17 04:09

Details

Directory traversal vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to read arbitrary files via unspecified vectors.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2014-0820"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-02-27T01:55:00Z",
    "severity": "MODERATE"
  },
  "details": "Directory traversal vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to read arbitrary files via unspecified vectors.",
  "id": "GHSA-9r6h-78r4-2rm5",
  "modified": "2022-05-17T04:09:59Z",
  "published": "2022-05-17T04:09:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0820"
    },
    {
      "type": "WEB",
      "url": "https://support.cybozu.com/ja-jp/article/7994"
    },
    {
      "type": "WEB",
      "url": "http://cs.cybozu.co.jp/information/gr20140225up05.php"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/en/jp/JVN26393529/index.html"
    },
    {
      "type": "WEB",
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000023"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/65815"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2014-0820

Vulnerability from cvelistv5

Published

2014-02-27 01:00

Modified

2024-08-06 09:27

Severity

Summary

Directory traversal vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to read arbitrary files via unspecified vectors.

References

URL	Tags
http://jvn.jp/en/jp/JVN26393529/index.html	third-party-advisory, x_refsource_JVN
http://cs.cybozu.co.jp/information/gr20140225up05.php	x_refsource_CONFIRM
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000023	third-party-advisory, x_refsource_JVNDB
https://support.cybozu.com/ja-jp/article/7994	x_refsource_CONFIRM
http://www.securityfocus.com/bid/65815	vdb-entry, x_refsource_BID

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:27:20.409Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "JVN#26393529",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN26393529/index.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cs.cybozu.co.jp/information/gr20140225up05.php"
          },
          {
            "name": "JVNDB-2014-000023",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000023"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.cybozu.com/ja-jp/article/7994"
          },
          {
            "name": "65815",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/65815"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-02-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to read arbitrary files via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2015-05-14T16:57:00",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "name": "JVN#26393529",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN26393529/index.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cs.cybozu.co.jp/information/gr20140225up05.php"
        },
        {
          "name": "JVNDB-2014-000023",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000023"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.cybozu.com/ja-jp/article/7994"
        },
        {
          "name": "65815",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/65815"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2014-0820",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to read arbitrary files via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "JVN#26393529",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN26393529/index.html"
            },
            {
              "name": "http://cs.cybozu.co.jp/information/gr20140225up05.php",
              "refsource": "CONFIRM",
              "url": "http://cs.cybozu.co.jp/information/gr20140225up05.php"
            },
            {
              "name": "JVNDB-2014-000023",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000023"
            },
            {
              "name": "https://support.cybozu.com/ja-jp/article/7994",
              "refsource": "CONFIRM",
              "url": "https://support.cybozu.com/ja-jp/article/7994"
            },
            {
              "name": "65815",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/65815"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2014-0820",
    "datePublished": "2014-02-27T01:00:00",
    "dateReserved": "2014-01-06T00:00:00",
    "dateUpdated": "2024-08-06T09:27:20.409Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.