Lucene search

Japan Vulnerability NotesJVN:20246313

HistoryFeb 15, 2016 - 12:00 a.m.

JVN#20246313: Cybozu Office vulnerable to denial-of-service (DoS)

2016-02-1500:00:00

Japan Vulnerability Notes

jvn.jp

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

64.8%

JSON

Cybozu Office contains a denial-of-service (DoS) vulnerability due to an issue in “customapp”.

Impact

An authenticated attacker may cause a denial-of-service (DoS) condition which all users can not use the system.

Solution

Update the Software
Update to the latest version according to the information provided by the developer.

Products Affected

Cybozu Office 9.9.0 to 10.3.0

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

64.8%

JSON

Related for JVN:20246313