Lucene search
JpcertCVE-2014-0820HistoryFeb 27, 2014 - 1:55 a.m.
CVE-2014-0820
2014-02-2701:55:03
CWE-22
jpcert
web.nvd.nist.gov
26
cve-2014-0820
cybozu garoon
directory traversal
vulnerability
download feature
remote authenticated users
arbitrary files
nvd
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
6.4
Confidence
Low
EPSS
0.002
Percentile
54.9%
Directory traversal vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to read arbitrary files via unspecified vectors.
Affected configurations
Node
cybozugaroonMatch2.0sp1
ORcybozugaroonMatch2.0sp2
ORcybozugaroonMatch2.0sp3
ORcybozugaroonMatch2.0sp4
ORcybozugaroonMatch2.0sp5
ORcybozugaroonMatch2.0sp6
ORcybozugaroonMatch2.0.0
ORcybozugaroonMatch2.0.1
ORcybozugaroonMatch2.0.2
ORcybozugaroonMatch2.0.3
ORcybozugaroonMatch2.0.4
ORcybozugaroonMatch2.0.5
ORcybozugaroonMatch2.0.6
ORcybozugaroonMatch2.1
ORcybozugaroonMatch2.1sp1
ORcybozugaroonMatch2.1sp2
ORcybozugaroonMatch2.1sp3
ORcybozugaroonMatch2.1.0
ORcybozugaroonMatch2.1.1
ORcybozugaroonMatch2.1.2
ORcybozugaroonMatch2.1.3
ORcybozugaroonMatch2.5
ORcybozugaroonMatch2.5sp1
ORcybozugaroonMatch2.5sp2
ORcybozugaroonMatch2.5sp3
ORcybozugaroonMatch2.5sp4
ORcybozugaroonMatch2.5.0
ORcybozugaroonMatch2.5.1
ORcybozugaroonMatch2.5.2
ORcybozugaroonMatch2.5.3
ORcybozugaroonMatch2.5.4
Node
cybozugaroonMatch3.0
ORcybozugaroonMatch3.0sp1
ORcybozugaroonMatch3.0sp2
ORcybozugaroonMatch3.0sp3
ORcybozugaroonMatch3.1
ORcybozugaroonMatch3.1sp1
ORcybozugaroonMatch3.1sp2
ORcybozugaroonMatch3.1sp3
ORcybozugaroonMatch3.5
ORcybozugaroonMatch3.5sp1
ORcybozugaroonMatch3.5sp2
ORcybozugaroonMatch3.5sp3
ORcybozugaroonMatch3.5sp4
ORcybozugaroonMatch3.5sp5
ORcybozugaroonMatch3.5.3
ORcybozugaroonMatch3.7
ORcybozugaroonMatch3.7sp1
ORcybozugaroonMatch3.7sp2
ORcybozugaroonMatch3.7sp3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cybozu | garoon | 2.0 | cpe:2.3:a:cybozu:garoon:2.0:sp1:*:*:*:*:*:* |
| cybozu | garoon | 2.0 | cpe:2.3:a:cybozu:garoon:2.0:sp2:*:*:*:*:*:* |
| cybozu | garoon | 2.0 | cpe:2.3:a:cybozu:garoon:2.0:sp3:*:*:*:*:*:* |
| cybozu | garoon | 2.0 | cpe:2.3:a:cybozu:garoon:2.0:sp4:*:*:*:*:*:* |
| cybozu | garoon | 2.0 | cpe:2.3:a:cybozu:garoon:2.0:sp5:*:*:*:*:*:* |
| cybozu | garoon | 2.0 | cpe:2.3:a:cybozu:garoon:2.0:sp6:*:*:*:*:*:* |
| cybozu | garoon | 2.0.0 | cpe:2.3:a:cybozu:garoon:2.0.0:*:*:*:*:*:*:* |
| cybozu | garoon | 2.0.1 | cpe:2.3:a:cybozu:garoon:2.0.1:*:*:*:*:*:*:* |
| cybozu | garoon | 2.0.2 | cpe:2.3:a:cybozu:garoon:2.0.2:*:*:*:*:*:*:* |
| cybozu | garoon | 2.0.3 | cpe:2.3:a:cybozu:garoon:2.0.3:*:*:*:*:*:*:* |
Related
jvn
jvn
JVN#26393529: Cybozu Garoon vulnerable to directory traversal
2014-02-26 00:00:00
prion
prion
Directory traversal
2014-02-27 01:55:00
cvelist
cvelist
CVE-2014-0820
2014-02-27 01:00:00
nvd
nvd
CVE-2014-0820
2014-02-27 01:55:03
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
6.4
Confidence
Low
EPSS
0.002
Percentile
54.9%
Related for CVE-2014-0820