Lucene search
HistoryFeb 27, 2014 - 1:55 a.m.
CVE-2014-0821
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.8
Confidence
Low
EPSS
0.003
Percentile
69.7%
SQL injection vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6930 and CVE-2013-6931.
Affected configurations
Node
cybozugaroonMatch2.0sp1
ORcybozugaroonMatch2.0sp2
ORcybozugaroonMatch2.0sp3
ORcybozugaroonMatch2.0sp4
ORcybozugaroonMatch2.0sp5
ORcybozugaroonMatch2.0sp6
ORcybozugaroonMatch2.0.0
ORcybozugaroonMatch2.0.1
ORcybozugaroonMatch2.0.2
ORcybozugaroonMatch2.0.3
ORcybozugaroonMatch2.0.4
ORcybozugaroonMatch2.0.5
ORcybozugaroonMatch2.0.6
ORcybozugaroonMatch2.1
ORcybozugaroonMatch2.1sp1
ORcybozugaroonMatch2.1sp2
ORcybozugaroonMatch2.1sp3
ORcybozugaroonMatch2.1.0
ORcybozugaroonMatch2.1.1
ORcybozugaroonMatch2.1.2
ORcybozugaroonMatch2.1.3
ORcybozugaroonMatch2.5
ORcybozugaroonMatch2.5sp1
ORcybozugaroonMatch2.5sp2
ORcybozugaroonMatch2.5sp3
ORcybozugaroonMatch2.5sp4
ORcybozugaroonMatch2.5.0
ORcybozugaroonMatch2.5.1
ORcybozugaroonMatch2.5.2
ORcybozugaroonMatch2.5.3
ORcybozugaroonMatch2.5.4
Node
cybozugaroonMatch3.0
ORcybozugaroonMatch3.0sp1
ORcybozugaroonMatch3.0sp2
ORcybozugaroonMatch3.0sp3
ORcybozugaroonMatch3.1
ORcybozugaroonMatch3.1sp1
ORcybozugaroonMatch3.1sp2
ORcybozugaroonMatch3.1sp3
ORcybozugaroonMatch3.5
ORcybozugaroonMatch3.5sp1
ORcybozugaroonMatch3.5sp2
ORcybozugaroonMatch3.5sp3
ORcybozugaroonMatch3.5sp4
ORcybozugaroonMatch3.5sp5
ORcybozugaroonMatch3.5.3
ORcybozugaroonMatch3.7
ORcybozugaroonMatch3.7sp1
ORcybozugaroonMatch3.7sp2
ORcybozugaroonMatch3.7sp3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cybozu | garoon | 2.0 | cpe:2.3:a:cybozu:garoon:2.0:sp1:*:*:*:*:*:* |
| cybozu | garoon | 2.0 | cpe:2.3:a:cybozu:garoon:2.0:sp2:*:*:*:*:*:* |
| cybozu | garoon | 2.0 | cpe:2.3:a:cybozu:garoon:2.0:sp3:*:*:*:*:*:* |
| cybozu | garoon | 2.0 | cpe:2.3:a:cybozu:garoon:2.0:sp4:*:*:*:*:*:* |
| cybozu | garoon | 2.0 | cpe:2.3:a:cybozu:garoon:2.0:sp5:*:*:*:*:*:* |
| cybozu | garoon | 2.0 | cpe:2.3:a:cybozu:garoon:2.0:sp6:*:*:*:*:*:* |
| cybozu | garoon | 2.0.0 | cpe:2.3:a:cybozu:garoon:2.0.0:*:*:*:*:*:*:* |
| cybozu | garoon | 2.0.1 | cpe:2.3:a:cybozu:garoon:2.0.1:*:*:*:*:*:*:* |
| cybozu | garoon | 2.0.2 | cpe:2.3:a:cybozu:garoon:2.0.2:*:*:*:*:*:*:* |
| cybozu | garoon | 2.0.3 | cpe:2.3:a:cybozu:garoon:2.0.3:*:*:*:*:*:*:* |
Related
cve
cve
prion
prion
cvelist
cvelist
jvn
jvn
JVN#91153528: Multiple SQL injection vulnerabilities in Cybozu Garoon
2014-01-28 00:00:00
JVN#71045461: Cybozu Garoon vulnerable to SQL injection
2014-02-26 00:00:00
nvd
nvd
CVE-2013-6930
2014-01-29 05:37:02
CVE-2013-6931
2014-01-29 05:37:02
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.8
Confidence
Low
EPSS
0.003
Percentile
69.7%
Related for NVD:CVE-2014-0821