jvndb-2010-000016
Vulnerability from jvndb
Published
2010-04-21 17:27
Modified
2010-04-21 17:27
Summary
Multiple Cybozu products vulnerable to authentication bypass
Details
Multiple Cybozu products contain an authentication bypass vulnerability.
Multiple Cybozu products contain an issue in which the login page for mobile devices is not properly restrcited, leading to an authentication bypass vulnerability. As a result, an attacker may impersonate a user of a Cybozu product.
References
Impacted products
Vendor | Product |
---|---|
Cybozu, Inc. | Cybozu Dotsales |
Cybozu, Inc. | Cybozu Office |
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000016.html", "dc:date": "2010-04-21T17:27+09:00", "dcterms:issued": "2010-04-21T17:27+09:00", "dcterms:modified": "2010-04-21T17:27+09:00", "description": "Multiple Cybozu products contain an authentication bypass vulnerability.\r\n\r\nMultiple Cybozu products contain an issue in which the login page for mobile devices is not properly restrcited, leading to an authentication bypass vulnerability. As a result, an attacker may impersonate a user of a Cybozu product.", "link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000016.html", "sec:cpe": [ { "#text": "cpe:/a:cybozu:dotsales", "@product": "Cybozu Dotsales", "@vendor": "Cybozu, Inc.", "@version": "2.2" }, { "#text": "cpe:/a:cybozu:office", "@product": "Cybozu Office", "@vendor": "Cybozu, Inc.", "@version": "2.2" } ], "sec:cvss": { "@score": "5.8", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "@version": "2.0" }, "sec:identifier": "JVNDB-2010-000016", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN87730223/index.html", "@id": "JVN#87730223", "@source": "JVN" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2029", "@id": "CVE-2010-2029", "@source": "CVE" }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2029", "@id": "CVE-2010-2029", "@source": "NVD" }, { "#text": "http://www.ipa.go.jp/security/english/vuln/201004_cybozu_en.html", "@id": "Security Alert for Vulnerability in Multiple Cybozu Products", "@source": "IPA SECURITY ALERTS" }, { "#text": "http://secunia.com/advisories/39508", "@id": "SA39508", "@source": "SECUNIA" }, { "#text": "http://xforce.iss.net/xforce/xfdb/57976", "@id": "57976", "@source": "XF" }, { "#text": "http://www.osvdb.org/63933", "@id": "63933", "@source": "OSVDB" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-264", "@title": "Permissions(CWE-264)" } ], "title": "Multiple Cybozu products vulnerable to authentication bypass" }
Loading...