HomePentest-Tools.com Logo

Cybozu Garoon Directory Traversal Vulnerability CVE-2017-2258

Severity
CVSSv3 Score
4.3
Vulnerability description

Cybozu Garoon is prone to a directory traversal vulnerability.

Risk description

The flaw is due to an input validation error in SOAP API WorkflowHandleApplications. Successful exploitation will allow remote attackers to read arbitrary files.

Recommendation

Update to the Cybozu Garoon version 4.2.6 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Aug 29, 2017
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available