CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
EPSS
Percentile
48.9%
Cybozu Office provided by Cybozu, Inc. contains multiple vulnerabilities listed below.
Information disclosure in the application “Message” when viewing an external image (CWE-200) - CVE-2018-0526
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | Base Score: 4.3 |
CVSS v2 | AV:N/AC:M/Au:N/C:P/I:N/A:N | Base Score: 4.3 |
Stored cross-site scripting in “E-mail Details Screen” of the application “E-mail” (CWE-79) - CVE-2018-0527
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | Base Score: 6.1 |
CVSS v2 | AV:N/AC:M/Au:N/C:N/I:P/A:N | Base Score: 4.3 |
Browse restriction bypass in the application “Scheduler” (CWE-264) - CVE-2018-0528
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | Base Score: 4.3 |
CVSS v2 | AV:N/AC:M/Au:S/C:P/I:N/A:N | Base Score: 3.5 |
Denial-of-service (DoS) in the application “Message” due to a flaw in processing of an attached file (CWE-20) - CVE-2018-0529
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L | Base Score: 4.3 |
CVSS v2 | AV:N/AC:L/Au:N/C:N/I:N/A:P | Base Score: 5.0 |
Reflected cross-site scripting in the application “MultiReport” (CWE-79) - CVE-2018-0565
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | Base Score: 6.1 |
CVSS v2 | AV:N/AC:H/Au:N/C:N/I:P/A:N | Base Score: 2.6 |
Browse restriction bypass in the application “Scheduler” (CWE-264) - CVE-2018-0566
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | Base Score: 4.3 |
CVSS v2 | AV:N/AC:M/Au:S/C:P/I:N/A:N | Base Score: 3.5 |
Operation restriction bypass in the application “Bulletin” (CWE-264) - CVE-2018-0567
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | Base Score: 4.3 |
CVSS v2 | AV:N/AC:M/Au:S/C:N/I:P/A:N | Base Score: 3.5 |
Update the Software
Update to the latest version according to the information provided by the developer.
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
EPSS
Percentile
48.9%