Search
Find a vulnerability
Search criteria
2 vulnerabilities found for cybozu_dotsales by cybozu
CVE-2010-2029 (GCVE-0-2010-2029)
Vulnerability from nvd – Published: 2010-05-24 19:00 – Updated: 2024-08-07 02:17
VLAI
Summary
Cybozu Office 7 Ktai and Dotsales do not properly restrict access to the login page, which allows remote attackers to bypass authentication and obtain or modify sensitive information by using the unique ID of the user's cell phone.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/39508 | third-party-advisoryx_refsource_SECUNIA |
| http://cybozu.co.jp/products/dl/notice/detail/0034.html | x_refsource_CONFIRM |
| http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-0… | third-party-advisoryx_refsource_JVNDB |
| http://www.osvdb.org/63933 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.ipa.go.jp/security/english/vuln/201004… | x_refsource_MISC |
| http://jvn.jp/en/jp/JVN87730223/index.html | third-party-advisoryx_refsource_JVN |
Date Public
2010-04-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:17:14.381Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39508"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cybozu.co.jp/products/dl/notice/detail/0034.html"
},
{
"name": "JVNDB-2010-000016",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000016.html"
},
{
"name": "63933",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/63933"
},
{
"name": "cybozu-office-dotsales-sec-bypass(57976)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57976"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ipa.go.jp/security/english/vuln/201004_cybozu_en.html"
},
{
"name": "JVN#87730223",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN87730223/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cybozu Office 7 Ktai and Dotsales do not properly restrict access to the login page, which allows remote attackers to bypass authentication and obtain or modify sensitive information by using the unique ID of the user\u0027s cell phone."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39508"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cybozu.co.jp/products/dl/notice/detail/0034.html"
},
{
"name": "JVNDB-2010-000016",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000016.html"
},
{
"name": "63933",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/63933"
},
{
"name": "cybozu-office-dotsales-sec-bypass(57976)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57976"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ipa.go.jp/security/english/vuln/201004_cybozu_en.html"
},
{
"name": "JVN#87730223",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN87730223/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2029",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cybozu Office 7 Ktai and Dotsales do not properly restrict access to the login page, which allows remote attackers to bypass authentication and obtain or modify sensitive information by using the unique ID of the user\u0027s cell phone."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39508",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39508"
},
{
"name": "http://cybozu.co.jp/products/dl/notice/detail/0034.html",
"refsource": "CONFIRM",
"url": "http://cybozu.co.jp/products/dl/notice/detail/0034.html"
},
{
"name": "JVNDB-2010-000016",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000016.html"
},
{
"name": "63933",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/63933"
},
{
"name": "cybozu-office-dotsales-sec-bypass(57976)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57976"
},
{
"name": "http://www.ipa.go.jp/security/english/vuln/201004_cybozu_en.html",
"refsource": "MISC",
"url": "http://www.ipa.go.jp/security/english/vuln/201004_cybozu_en.html"
},
{
"name": "JVN#87730223",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN87730223/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2029",
"datePublished": "2010-05-24T19:00:00.000Z",
"dateReserved": "2010-05-24T00:00:00.000Z",
"dateUpdated": "2024-08-07T02:17:14.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2029 (GCVE-0-2010-2029)
Vulnerability from cvelistv5 – Published: 2010-05-24 19:00 – Updated: 2024-08-07 02:17
VLAI
Summary
Cybozu Office 7 Ktai and Dotsales do not properly restrict access to the login page, which allows remote attackers to bypass authentication and obtain or modify sensitive information by using the unique ID of the user's cell phone.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/39508 | third-party-advisoryx_refsource_SECUNIA |
| http://cybozu.co.jp/products/dl/notice/detail/0034.html | x_refsource_CONFIRM |
| http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-0… | third-party-advisoryx_refsource_JVNDB |
| http://www.osvdb.org/63933 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.ipa.go.jp/security/english/vuln/201004… | x_refsource_MISC |
| http://jvn.jp/en/jp/JVN87730223/index.html | third-party-advisoryx_refsource_JVN |
Date Public
2010-04-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:17:14.381Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39508"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cybozu.co.jp/products/dl/notice/detail/0034.html"
},
{
"name": "JVNDB-2010-000016",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000016.html"
},
{
"name": "63933",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/63933"
},
{
"name": "cybozu-office-dotsales-sec-bypass(57976)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57976"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ipa.go.jp/security/english/vuln/201004_cybozu_en.html"
},
{
"name": "JVN#87730223",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN87730223/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cybozu Office 7 Ktai and Dotsales do not properly restrict access to the login page, which allows remote attackers to bypass authentication and obtain or modify sensitive information by using the unique ID of the user\u0027s cell phone."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39508"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cybozu.co.jp/products/dl/notice/detail/0034.html"
},
{
"name": "JVNDB-2010-000016",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000016.html"
},
{
"name": "63933",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/63933"
},
{
"name": "cybozu-office-dotsales-sec-bypass(57976)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57976"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ipa.go.jp/security/english/vuln/201004_cybozu_en.html"
},
{
"name": "JVN#87730223",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN87730223/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2029",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cybozu Office 7 Ktai and Dotsales do not properly restrict access to the login page, which allows remote attackers to bypass authentication and obtain or modify sensitive information by using the unique ID of the user\u0027s cell phone."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39508",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39508"
},
{
"name": "http://cybozu.co.jp/products/dl/notice/detail/0034.html",
"refsource": "CONFIRM",
"url": "http://cybozu.co.jp/products/dl/notice/detail/0034.html"
},
{
"name": "JVNDB-2010-000016",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000016.html"
},
{
"name": "63933",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/63933"
},
{
"name": "cybozu-office-dotsales-sec-bypass(57976)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57976"
},
{
"name": "http://www.ipa.go.jp/security/english/vuln/201004_cybozu_en.html",
"refsource": "MISC",
"url": "http://www.ipa.go.jp/security/english/vuln/201004_cybozu_en.html"
},
{
"name": "JVN#87730223",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN87730223/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2029",
"datePublished": "2010-05-24T19:00:00.000Z",
"dateReserved": "2010-05-24T00:00:00.000Z",
"dateUpdated": "2024-08-07T02:17:14.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}