CVE-2013-3656

2013-07-1801:00:00

jpcert

www.cve.org

AI Score

Confidence

Low

EPSS

0.004

Percentile

73.9%

JSON

Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.

References

jvn.jp/en/jp/JVN19491840/index.html

jvndb.jvn.jp/jvndb/JVNDB-2013-000069

products.cybozu.co.jp/office/ver9/download/update/fix910.html

exchange.xforce.ibmcloud.com/vulnerabilities/85894