Lucene search
Japan Vulnerability NotesJVN:18405927HistoryJun 27, 2008 - 12:00 a.m.
JVN#18405927 Multiple Cybozu products vulnerable to cross-site request forgery
2008-06-2700:00:00
Japan Vulnerability Notes
jvn.jp
16
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.003
Percentile
71.2%
Multiple Cybozu products contain a cross-site request forgery vulnerability.
Impact
If a user views a malicious web page while logged onto the Cybozu web interface, the user’s schedules and other configuration settings may be altered.
Solution
Update the Software
Apply the latest updates provided by the vendor.
Products Affected
- Cybozu Office 6
- Cybozu Dezie prior to version 6.0(1.0)
- Cybozu Garoon version 2.0.0 - 2.1.3
Related
cvelist
cvelist
CVE-2008-6744
2009-04-23 17:00:00
nvd
nvd
CVE-2008-6744
2009-04-23 17:30:00
prion
prion
Cross site request forgery (csrf)
2009-04-23 17:30:00
cve
cve
CVE-2008-6744
2009-04-23 17:30:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.003
Percentile
71.2%
Related for JVN:18405927