CVE-2017-2258

Directory traversal vulnerability in Cybozu Garoon 4.2.4 to 4.2.5 allows an attacker to read arbitrary files via Garoon SOAP API "WorkflowHandleApplications".
References
Link Resource
https://support.cybozu.com/ja-jp/article/9846 Vendor Advisory
https://jvn.jp/en/jp/JVN63564682/index.html Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cybozu:garoon:4.2.4:*:*:*:*:*:*:*
cpe:2.3:a:cybozu:garoon:4.2.5:*:*:*:*:*:*:*

Information

Published : 2017-08-28 18:35

Updated : 2017-08-30 08:08


NVD link : CVE-2017-2258

Mitre link : CVE-2017-2258


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

cybozu

  • garoon