github - ghsa-qghg-p6j3-w7j7

ghsa-qghg-p6j3-w7j7

Vulnerability from github

Published

2022-05-17 02:41

Modified

2022-05-17 02:41

Severity

7.5 (High) - CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2016-7833"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-284"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-06-09T16:29:00Z",
    "severity": "HIGH"
  },
  "details": "Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.",
  "id": "GHSA-qghg-p6j3-w7j7",
  "modified": "2022-05-17T02:41:24Z",
  "published": "2022-05-17T02:41:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7833"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/jp/JVN16781735/index.html"
    },
    {
      "type": "WEB",
      "url": "https://support.cybozu.com/ja-jp/article/9741"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/94831"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

cve-2016-7833

Vulnerability from cvelistv5

Published

2017-06-09 16:00

Modified

2024-08-06 02:04

Severity

Summary

Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.

References

URL	Tags
https://jvn.jp/en/jp/JVN16781735/index.html	third-party-advisory, x_refsource_JVN
http://www.securityfocus.com/bid/94831	vdb-entry, x_refsource_BID
https://support.cybozu.com/ja-jp/article/9741	x_refsource_CONFIRM

Impacted products

Vendor	Product
Cybozu, Inc.	Cybozu Dezie

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:04:56.097Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "JVN#16781735",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "https://jvn.jp/en/jp/JVN16781735/index.html"
          },
          {
            "name": "94831",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94831"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.cybozu.com/ja-jp/article/9741"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cybozu Dezie",
          "vendor": "Cybozu, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.0 to 8.1.1"
            }
          ]
        }
      ],
      "datePublic": "2016-12-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Fails to restrict access",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-12T09:57:01",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "name": "JVN#16781735",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "https://jvn.jp/en/jp/JVN16781735/index.html"
        },
        {
          "name": "94831",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/94831"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.cybozu.com/ja-jp/article/9741"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2016-7833",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cybozu Dezie",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "8.0.0 to 8.1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cybozu, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Fails to restrict access"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "JVN#16781735",
              "refsource": "JVN",
              "url": "https://jvn.jp/en/jp/JVN16781735/index.html"
            },
            {
              "name": "94831",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/94831"
            },
            {
              "name": "https://support.cybozu.com/ja-jp/article/9741",
              "refsource": "CONFIRM",
              "url": "https://support.cybozu.com/ja-jp/article/9741"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2016-7833",
    "datePublished": "2017-06-09T16:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:04:56.097Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.