Japan Vulnerability NotesJVN:18743512JVN#18743512: Cybozu KUNAI for Android vulnerable to denial-of-service (DoS)
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
Low
EPSS
Percentile
34.9%
Cybozu KUNAI for Android is a client application for using Cybozu products from an Android device. Cybozu KUNAI for Android contains an issue allowing to send massive requests to the connected Cybozu product if a user performs certain operations on KUNAI, which may result in repeated session disconnections in a short period of time and preventing normal use of KUNAI (CWE-436).
Impact
A user of KUNAI could cause a denial of service (DoS) condition by performing certain operations.
Solution
Update the Software
Update the software to the latest version according to the information provided by the developer.
Products Affected
- Cybozu KUNAI for Android 3.0.20 to 3.0.21
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
Low
EPSS
Percentile
34.9%