Search

Find a vulnerability

Search criteria

    15 vulnerabilities found for Cybozu Dezie by Cybozu, Inc.

    CVE-2018-0705 (GCVE-0-2018-0705)

    Vulnerability from nvd – Published: 2019-01-09 22:00 – Updated: 2024-08-05 03:35
    VLAI
    Summary
    Directory traversal vulnerability in Cybozu Dezie 8.0.2 to 8.1.2 allows remote attackers to read arbitrary files via HTTP requests.
    Severity
    No CVSS data available.
    CWE
    • Directory traversal
    Assigner
    References
    URL Tags
    https://jvn.jp/en/jp/JVN16697622/index.html third-party-advisoryx_refsource_JVN
    https://kb.cybozu.support/article/34089/ x_refsource_MISC
    Impacted products
    Vendor Product Version
    Cybozu, Inc. Cybozu Dezie Affected: 8.0.2 to 8.1.2
    Create a notification for this product.
    Date Public
    2019-01-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:48.908Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#16697622",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN16697622/index.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://kb.cybozu.support/article/34089/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cybozu Dezie",
              "vendor": "Cybozu, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.0.2 to 8.1.2"
                }
              ]
            }
          ],
          "datePublic": "2019-01-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in Cybozu Dezie 8.0.2 to 8.1.2 allows remote attackers to read arbitrary files via HTTP requests."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Directory traversal",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-09T21:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#16697622",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN16697622/index.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://kb.cybozu.support/article/34089/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2018-0705",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cybozu Dezie",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "8.0.2 to 8.1.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cybozu, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in Cybozu Dezie 8.0.2 to 8.1.2 allows remote attackers to read arbitrary files via HTTP requests."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Directory traversal"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#16697622",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN16697622/index.html"
                },
                {
                  "name": "https://kb.cybozu.support/article/34089/",
                  "refsource": "MISC",
                  "url": "https://kb.cybozu.support/article/34089/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2018-0705",
        "datePublished": "2019-01-09T22:00:00.000Z",
        "dateReserved": "2017-11-27T00:00:00.000Z",
        "dateUpdated": "2024-08-05T03:35:48.908Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-7833 (GCVE-0-2016-7833)

    Vulnerability from nvd – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
    VLAI
    Summary
    Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Fails to restrict access
    Assigner
    References
    URL Tags
    https://jvn.jp/en/jp/JVN16781735/index.html third-party-advisoryx_refsource_JVN
    http://www.securityfocus.com/bid/94831 vdb-entryx_refsource_BID
    https://support.cybozu.com/ja-jp/article/9741 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Cybozu, Inc. Cybozu Dezie Affected: 8.0.0 to 8.1.1
    Create a notification for this product.
    Date Public
    2016-12-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:04:56.097Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#16781735",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN16781735/index.html"
              },
              {
                "name": "94831",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94831"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.cybozu.com/ja-jp/article/9741"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cybozu Dezie",
              "vendor": "Cybozu, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.0.0 to 8.1.1"
                }
              ]
            }
          ],
          "datePublic": "2016-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Fails to restrict access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-12T09:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#16781735",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN16781735/index.html"
            },
            {
              "name": "94831",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94831"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.cybozu.com/ja-jp/article/9741"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2016-7833",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cybozu Dezie",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "8.0.0 to 8.1.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cybozu, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Fails to restrict access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#16781735",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN16781735/index.html"
                },
                {
                  "name": "94831",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94831"
                },
                {
                  "name": "https://support.cybozu.com/ja-jp/article/9741",
                  "refsource": "CONFIRM",
                  "url": "https://support.cybozu.com/ja-jp/article/9741"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2016-7833",
        "datePublished": "2017-06-09T16:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:04:56.097Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-7832 (GCVE-0-2016-7832)

    Vulnerability from nvd – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
    VLAI
    Summary
    Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to obtain an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Fails to restrict access
    Assigner
    References
    URL Tags
    https://support.cybozu.com/ja-jp/article/9742 x_refsource_CONFIRM
    https://jvn.jp/en/jp/JVN16781735/index.html third-party-advisoryx_refsource_JVN
    http://www.securityfocus.com/bid/94831 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    Cybozu, Inc. Cybozu Dezie Affected: 8.0.0 to 8.1.1
    Create a notification for this product.
    Date Public
    2016-12-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:04:56.096Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.cybozu.com/ja-jp/article/9742"
              },
              {
                "name": "JVN#16781735",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN16781735/index.html"
              },
              {
                "name": "94831",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94831"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cybozu Dezie",
              "vendor": "Cybozu, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.0.0 to 8.1.1"
                }
              ]
            }
          ],
          "datePublic": "2016-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to obtain an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Fails to restrict access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-12T09:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.cybozu.com/ja-jp/article/9742"
            },
            {
              "name": "JVN#16781735",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN16781735/index.html"
            },
            {
              "name": "94831",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94831"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2016-7832",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cybozu Dezie",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "8.0.0 to 8.1.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cybozu, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to obtain an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Fails to restrict access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.cybozu.com/ja-jp/article/9742",
                  "refsource": "CONFIRM",
                  "url": "https://support.cybozu.com/ja-jp/article/9742"
                },
                {
                  "name": "JVN#16781735",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN16781735/index.html"
                },
                {
                  "name": "94831",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94831"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2016-7832",
        "datePublished": "2017-06-09T16:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:04:56.096Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0705 (GCVE-0-2018-0705)

    Vulnerability from cvelistv5 – Published: 2019-01-09 22:00 – Updated: 2024-08-05 03:35
    VLAI
    Summary
    Directory traversal vulnerability in Cybozu Dezie 8.0.2 to 8.1.2 allows remote attackers to read arbitrary files via HTTP requests.
    Severity
    No CVSS data available.
    CWE
    • Directory traversal
    Assigner
    References
    URL Tags
    https://jvn.jp/en/jp/JVN16697622/index.html third-party-advisoryx_refsource_JVN
    https://kb.cybozu.support/article/34089/ x_refsource_MISC
    Impacted products
    Vendor Product Version
    Cybozu, Inc. Cybozu Dezie Affected: 8.0.2 to 8.1.2
    Create a notification for this product.
    Date Public
    2019-01-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:48.908Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#16697622",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN16697622/index.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://kb.cybozu.support/article/34089/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cybozu Dezie",
              "vendor": "Cybozu, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.0.2 to 8.1.2"
                }
              ]
            }
          ],
          "datePublic": "2019-01-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in Cybozu Dezie 8.0.2 to 8.1.2 allows remote attackers to read arbitrary files via HTTP requests."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Directory traversal",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-09T21:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#16697622",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN16697622/index.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://kb.cybozu.support/article/34089/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2018-0705",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cybozu Dezie",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "8.0.2 to 8.1.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cybozu, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in Cybozu Dezie 8.0.2 to 8.1.2 allows remote attackers to read arbitrary files via HTTP requests."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Directory traversal"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#16697622",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN16697622/index.html"
                },
                {
                  "name": "https://kb.cybozu.support/article/34089/",
                  "refsource": "MISC",
                  "url": "https://kb.cybozu.support/article/34089/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2018-0705",
        "datePublished": "2019-01-09T22:00:00.000Z",
        "dateReserved": "2017-11-27T00:00:00.000Z",
        "dateUpdated": "2024-08-05T03:35:48.908Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-7833 (GCVE-0-2016-7833)

    Vulnerability from cvelistv5 – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
    VLAI
    Summary
    Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Fails to restrict access
    Assigner
    References
    URL Tags
    https://jvn.jp/en/jp/JVN16781735/index.html third-party-advisoryx_refsource_JVN
    http://www.securityfocus.com/bid/94831 vdb-entryx_refsource_BID
    https://support.cybozu.com/ja-jp/article/9741 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Cybozu, Inc. Cybozu Dezie Affected: 8.0.0 to 8.1.1
    Create a notification for this product.
    Date Public
    2016-12-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:04:56.097Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#16781735",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN16781735/index.html"
              },
              {
                "name": "94831",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94831"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.cybozu.com/ja-jp/article/9741"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cybozu Dezie",
              "vendor": "Cybozu, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.0.0 to 8.1.1"
                }
              ]
            }
          ],
          "datePublic": "2016-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Fails to restrict access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-12T09:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#16781735",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN16781735/index.html"
            },
            {
              "name": "94831",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94831"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.cybozu.com/ja-jp/article/9741"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2016-7833",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cybozu Dezie",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "8.0.0 to 8.1.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cybozu, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Fails to restrict access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#16781735",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN16781735/index.html"
                },
                {
                  "name": "94831",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94831"
                },
                {
                  "name": "https://support.cybozu.com/ja-jp/article/9741",
                  "refsource": "CONFIRM",
                  "url": "https://support.cybozu.com/ja-jp/article/9741"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2016-7833",
        "datePublished": "2017-06-09T16:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:04:56.097Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-7832 (GCVE-0-2016-7832)

    Vulnerability from cvelistv5 – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
    VLAI
    Summary
    Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to obtain an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Fails to restrict access
    Assigner
    References
    URL Tags
    https://support.cybozu.com/ja-jp/article/9742 x_refsource_CONFIRM
    https://jvn.jp/en/jp/JVN16781735/index.html third-party-advisoryx_refsource_JVN
    http://www.securityfocus.com/bid/94831 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    Cybozu, Inc. Cybozu Dezie Affected: 8.0.0 to 8.1.1
    Create a notification for this product.
    Date Public
    2016-12-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:04:56.096Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.cybozu.com/ja-jp/article/9742"
              },
              {
                "name": "JVN#16781735",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN16781735/index.html"
              },
              {
                "name": "94831",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94831"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cybozu Dezie",
              "vendor": "Cybozu, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.0.0 to 8.1.1"
                }
              ]
            }
          ],
          "datePublic": "2016-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to obtain an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Fails to restrict access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-12T09:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.cybozu.com/ja-jp/article/9742"
            },
            {
              "name": "JVN#16781735",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN16781735/index.html"
            },
            {
              "name": "94831",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94831"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2016-7832",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cybozu Dezie",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "8.0.0 to 8.1.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cybozu, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to obtain an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Fails to restrict access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.cybozu.com/ja-jp/article/9742",
                  "refsource": "CONFIRM",
                  "url": "https://support.cybozu.com/ja-jp/article/9742"
                },
                {
                  "name": "JVN#16781735",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN16781735/index.html"
                },
                {
                  "name": "94831",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94831"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2016-7832",
        "datePublished": "2017-06-09T16:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:04:56.096Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    JVNDB-2018-000121

    Vulnerability from jvndb - Published: 2018-11-14 15:42 - Updated:2019-08-27 12:25
    Severity
    Summary
    Cybozu Dezie vulnerable to directory traversal
    Details
    Cybozu Dezie provided by Cybozu, Inc. contains a directory traversal vulnerability (CWE-22) due to a flaw in processing parameter of the HTTP request. Yuji Tounai reported this vulnerability to Cybozu, Inc., and Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000121.html",
      "dc:date": "2019-08-27T12:25+09:00",
      "dcterms:issued": "2018-11-14T15:42+09:00",
      "dcterms:modified": "2019-08-27T12:25+09:00",
      "description": "Cybozu Dezie provided by Cybozu, Inc. contains a directory traversal vulnerability (CWE-22) due to a flaw in processing parameter of the HTTP request.\r\n\r\nYuji Tounai reported this vulnerability to Cybozu, Inc., and Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000121.html",
      "sec:cpe": {
        "#text": "cpe:/a:cybozu:dezie",
        "@product": "Cybozu Dezie",
        "@vendor": "Cybozu, Inc.",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "7.8",
          "@severity": "High",
          "@type": "Base",
          "@vector": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
          "@version": "2.0"
        },
        {
          "@score": "8.6",
          "@severity": "High",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2018-000121",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN16697622/index.html",
          "@id": "JVN#16697622",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0705",
          "@id": "CVE-2018-0705",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-0705",
          "@id": "CVE-2018-0705",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-22",
          "@title": "Path Traversal(CWE-22)"
        }
      ],
      "title": "Cybozu Dezie vulnerable to directory traversal"
    }

    JVNDB-2016-000244

    Vulnerability from jvndb - Published: 2016-12-12 14:49 - Updated:2017-11-27 17:12
    Severity
    Summary
    Access restriction bypass to delete DBM files in Cybozu Dezie
    Details
    Cybozu Dezie provided by Cybozu,Inc. contains an access restriction bypass vulnerability to delete DBM (Cybozu Dezie proprietary format) files. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000244.html",
      "dc:date": "2017-11-27T17:12+09:00",
      "dcterms:issued": "2016-12-12T14:49+09:00",
      "dcterms:modified": "2017-11-27T17:12+09:00",
      "description": "Cybozu Dezie provided by Cybozu,Inc. contains an access restriction bypass vulnerability to delete DBM (Cybozu Dezie proprietary format) files.\r\n\r\nCybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000244.html",
      "sec:cpe": {
        "#text": "cpe:/a:cybozu:dezie",
        "@product": "Cybozu Dezie",
        "@vendor": "Cybozu, Inc.",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "6.4",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
          "@version": "2.0"
        },
        {
          "@score": "6.5",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2016-000244",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN16781735/index.html",
          "@id": "JVN#16781735",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7833",
          "@id": "CVE-2016-7833",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2016-7833",
          "@id": "CVE-2016-7833",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-264",
          "@title": "Permissions(CWE-264)"
        }
      ],
      "title": "Access restriction bypass to delete DBM files in Cybozu Dezie"
    }

    JVNDB-2016-000243

    Vulnerability from jvndb - Published: 2016-12-12 14:49 - Updated:2017-11-27 17:12
    Severity
    Summary
    Access restriction bypass to download DBM files in Cybozu Dezie
    Details
    Cybozu Dezie provided by Cybozu,Inc. contains an access restriction bypass vulnerability to download DBM (Cybozu Dezie proprietary format) files. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000243.html",
      "dc:date": "2017-11-27T17:12+09:00",
      "dcterms:issued": "2016-12-12T14:49+09:00",
      "dcterms:modified": "2017-11-27T17:12+09:00",
      "description": "Cybozu Dezie provided by Cybozu,Inc.  contains an access restriction bypass vulnerability to download DBM (Cybozu Dezie proprietary format) files.\r\n\r\nCybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000243.html",
      "sec:cpe": {
        "#text": "cpe:/a:cybozu:dezie",
        "@product": "Cybozu Dezie",
        "@vendor": "Cybozu, Inc.",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "5.0",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "@version": "2.0"
        },
        {
          "@score": "5.3",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2016-000243",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN16781735/index.html",
          "@id": "JVN#16781735",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7832",
          "@id": "CVE-2016-7832",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2016-7832",
          "@id": "CVE-2016-7832",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-264",
          "@title": "Permissions(CWE-264)"
        }
      ],
      "title": "Access restriction bypass to download DBM files in Cybozu Dezie"
    }

    JVNDB-2014-000130

    Vulnerability from jvndb - Published: 2014-11-11 13:36 - Updated:2014-11-25 17:52
    Severity
    N/A (UNKNOWN) - -
    Summary
    Multiple Cybozu products vulnerable to buffer overflow
    Details
    Multiple products provided by Cybozu, Inc. contain a buffer overflow vulnerability (CWE-119). Masaaki Chida of GREE, Inc. reported this vulnerability to the developer. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000130.html",
      "dc:date": "2014-11-25T17:52+09:00",
      "dcterms:issued": "2014-11-11T13:36+09:00",
      "dcterms:modified": "2014-11-25T17:52+09:00",
      "description": "Multiple products provided by Cybozu, Inc. contain a buffer overflow vulnerability (CWE-119).\r\n\r\nMasaaki Chida of GREE, Inc. reported this vulnerability to the developer.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000130.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:cybozu:dezie",
          "@product": "Cybozu Dezie",
          "@vendor": "Cybozu, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:cybozu:mailwise",
          "@product": "Cybozu Mailwise",
          "@vendor": "Cybozu, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:cybozu:office",
          "@product": "Cybozu Office",
          "@vendor": "Cybozu, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "9.0",
        "@severity": "High",
        "@type": "Base",
        "@vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2014-000130",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN14691234/index.html",
          "@id": "JVN#14691234",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5314",
          "@id": "CVE-2014-5314",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5314",
          "@id": "CVE-2014-5314",
          "@source": "NVD"
        },
        {
          "#text": "http://www.ipa.go.jp/security/ciadr/vul/20141111-jvn.html",
          "@id": "Security Alert for Multiple Cybozu products vulnerable to buffer overflow (JVN#14691234)",
          "@source": "IPA SECURITY ALERTS"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-119",
          "@title": "Buffer Errors(CWE-119)"
        }
      ],
      "title": "Multiple Cybozu products vulnerable to buffer overflow"
    }

    JVNDB-2013-000118

    Vulnerability from jvndb - Published: 2013-12-10 14:13 - Updated:2013-12-18 14:51
    Severity
    N/A (UNKNOWN) - -
    Summary
    Cybozu Dezie vulnerable to cross-site scripting
    Details
    Cybozu Dezie provided by Cybozu, Inc. contains a cross-site scripting vulnerability. Ken Asai reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000118.html",
      "dc:date": "2013-12-18T14:51+09:00",
      "dcterms:issued": "2013-12-10T14:13+09:00",
      "dcterms:modified": "2013-12-18T14:51+09:00",
      "description": "Cybozu Dezie provided by Cybozu, Inc. contains a cross-site scripting vulnerability.\r\n\r\nKen Asai reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000118.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:cybozu:dezie",
          "@product": "Cybozu Dezie",
          "@vendor": "Cybozu, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:cybozu:office",
          "@product": "Cybozu Office",
          "@vendor": "Cybozu, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "2.6",
        "@severity": "Low",
        "@type": "Base",
        "@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2013-000118",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN21336955/index.html",
          "@id": "JVN#21336955",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6005",
          "@id": "CVE-2013-6005",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6005",
          "@id": "CVE-2013-6005",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-79",
          "@title": "Cross-site Scripting(CWE-79)"
        }
      ],
      "title": "Cybozu Dezie vulnerable to cross-site scripting"
    }

    JVNDB-2013-000034

    Vulnerability from jvndb - Published: 2013-04-15 17:08 - Updated:2013-06-25 18:36
    Severity
    N/A (UNKNOWN) - -
    Summary
    Multiple Cybozu products vulnerable to cross-site request forgery
    Details
    Multiple Cybozu products contain a cross-site request forgery vulnerability.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000034.html",
      "dc:date": "2013-06-25T18:36+09:00",
      "dcterms:issued": "2013-04-15T17:08+09:00",
      "dcterms:modified": "2013-06-25T18:36+09:00",
      "description": "Multiple Cybozu products contain a cross-site request forgery vulnerability.",
      "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000034.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:cybozu:dezie",
          "@product": "Cybozu Dezie",
          "@vendor": "Cybozu, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:cybozu:mailwise",
          "@product": "Cybozu Mailwise",
          "@vendor": "Cybozu, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:cybozu:office",
          "@product": "Cybozu Office",
          "@vendor": "Cybozu, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "2.6",
        "@severity": "Low",
        "@type": "Base",
        "@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2013-000034",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN06251813/index.html",
          "@id": "JVN#06251813",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2305",
          "@id": "CVE-2013-2305",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2305",
          "@id": "CVE-2013-2305",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-352",
          "@title": "Cross-Site Request Forgery(CWE-352)"
        }
      ],
      "title": "Multiple Cybozu products vulnerable to cross-site request forgery"
    }

    JVNDB-2011-000046

    Vulnerability from jvndb - Published: 2011-06-24 19:21 - Updated:2011-06-24 19:21
    Severity
    N/A (UNKNOWN) - -
    Summary
    Multiple Cybozu products vulnerable to cross-site scripting
    Details
    Multiple products provided by Cybozu, Inc. contain a cross-site scripting vulnerability. Multiple groupware provided by Cybozu, Inc. contain a cross-site scripting vulnerability due to an issue when downloading graphic files from the mail system. Sen UENO of Tricorder Co. Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000046.html",
      "dc:date": "2011-06-24T19:21+09:00",
      "dcterms:issued": "2011-06-24T19:21+09:00",
      "dcterms:modified": "2011-06-24T19:21+09:00",
      "description": "Multiple products provided by Cybozu, Inc. contain a cross-site scripting vulnerability.\r\n\r\nMultiple groupware provided by Cybozu, Inc. contain a cross-site scripting vulnerability due to an issue when downloading graphic files from the mail system.\r\n\r\nSen UENO of Tricorder Co. Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000046.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:cybozu:collaborex",
          "@product": "Cybozu Collaborex",
          "@vendor": "Cybozu, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:cybozu:dezie",
          "@product": "Cybozu Dezie",
          "@vendor": "Cybozu, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:cybozu:garoon",
          "@product": "Cybozu Garoon",
          "@vendor": "Cybozu, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:cybozu:mailwise",
          "@product": "Cybozu Mailwise",
          "@vendor": "Cybozu, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:cybozu:office",
          "@product": "Cybozu Office",
          "@vendor": "Cybozu, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "4.3",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2011-000046",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN54074460",
          "@id": "JVN#54074460",
          "@source": "JVN"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1334",
          "@id": "CVE-2011-1334",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1334",
          "@id": "CVE-2011-1334",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-79",
          "@title": "Cross-site Scripting(CWE-79)"
        }
      ],
      "title": "Multiple Cybozu products vulnerable to cross-site scripting"
    }

    JVNDB-2009-000067

    Vulnerability from jvndb - Published: 2009-10-15 15:21 - Updated:2009-10-15 15:21
    Severity
    N/A (UNKNOWN) - -
    Summary
    Multiple Cybozu products vulnerable to cross-site scripting
    Details
    Multiple Cybozu products are vulnerable to cross-site scripting. Multiple products (groupware etc.) provided by Cybozu, Inc. contain a cross-site scripting vulnerablility. This vulnerability is different from JVN#50342989, and JVN#90712589. Takeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000067.html",
      "dc:date": "2009-10-15T15:21+09:00",
      "dcterms:issued": "2009-10-15T15:21+09:00",
      "dcterms:modified": "2009-10-15T15:21+09:00",
      "description": "Multiple Cybozu products are vulnerable to cross-site scripting.\r\n\r\nMultiple products (groupware etc.) provided by Cybozu, Inc. contain a cross-site scripting vulnerablility.\r\n\r\nThis vulnerability is different from JVN#50342989, and JVN#90712589.\r\n\r\nTakeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000067.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:cybozu:dezie",
          "@product": "Cybozu Dezie",
          "@vendor": "Cybozu, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:cybozu:mailwise",
          "@product": "Cybozu Mailwise",
          "@vendor": "Cybozu, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:cybozu:office",
          "@product": "Cybozu Office",
          "@vendor": "Cybozu, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "2.6",
        "@severity": "Low",
        "@type": "Base",
        "@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2009-000067",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN23108985/index.html",
          "@id": "JVN#23108985",
          "@source": "JVN"
        },
        {
          "#text": "http://secunia.com/advisories/37011/",
          "@id": "SA37011",
          "@source": "SECUNIA"
        },
        {
          "#text": "http://www.securityfocus.com/bid/36704",
          "@id": "36704",
          "@source": "BID"
        },
        {
          "#text": "http://www.vupen.com/english/advisories/2009/2918",
          "@id": "VUPEN/ADV-2009-2918",
          "@source": "VUPEN"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-79",
          "@title": "Cross-site Scripting(CWE-79)"
        }
      ],
      "title": "Multiple Cybozu products vulnerable to cross-site scripting"
    }

    JVNDB-2008-000033

    Vulnerability from jvndb - Published: 2008-07-08 12:14 - Updated:2008-07-08 12:14
    Severity
    N/A (UNKNOWN) - -
    Summary
    Multiple Cybozu products vulnerable to cross-site request forgery
    Details
    Multiple Cybozu products contain a cross-site request forgery vulnerability. Daiki Fukumori of Secure Sky Technology, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000033.html",
      "dc:date": "2008-07-08T12:14+09:00",
      "dcterms:issued": "2008-07-08T12:14+09:00",
      "dcterms:modified": "2008-07-08T12:14+09:00",
      "description": "Multiple Cybozu products contain a cross-site request forgery vulnerability.\r\n\r\nDaiki Fukumori of Secure Sky Technology, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000033.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:cybozu:dezie",
          "@product": "Cybozu Dezie",
          "@vendor": "Cybozu, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:cybozu:garoon",
          "@product": "Cybozu Garoon",
          "@vendor": "Cybozu, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:cybozu:office",
          "@product": "Cybozu Office",
          "@vendor": "Cybozu, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "2.6",
        "@severity": "Low",
        "@type": "Base",
        "@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2008-000033",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN18405927/index.html",
          "@id": "JVN#18405927",
          "@source": "JVN"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6744",
          "@id": "CVE-2008-6744",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6744",
          "@id": "CVE-2008-6744",
          "@source": "NVD"
        },
        {
          "#text": "http://secunia.com/advisories/30882",
          "@id": "SA30882",
          "@source": "SECUNIA"
        },
        {
          "#text": "http://osvdb.org/46575",
          "@id": "46575",
          "@source": "OSVDB"
        },
        {
          "#text": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html",
          "@id": "JVNDB-2008-000033",
          "@source": "JVNDB_Ja"
        }
      ],
      "title": "Multiple Cybozu products vulnerable to cross-site request forgery"
    }