Cybozu Office 7 Ktai and Dotsales do not properly restrict access to the login page, which allows remote attackers to bypass authentication and obtain or modify sensitive information by using the unique ID of the user's cell phone.
References
Information
Published : 2010-05-24 12:30
Updated : 2017-08-16 18:32
NVD link : CVE-2010-2029
Mitre link : CVE-2010-2029
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
cybozu
- cybozu_office
- cybozu_dotsales