← Back

CVE-2017-2115

nvd nist
Published: Apr 28, 2017Modified: May 13, 2026

JSON object

Loading...
4.3
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Exploitability: 2.8 / Impact: 1.4
Source: NVD

Description

Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to obtain "customapp" information via unspecified vectors.

Affected (9)

Products: Cybozu: Office
Cybozu
1 product
Office
Configuration A
9 vulnerable
Vulnerable SoftwareAffected Versions
Cybozu
Office
Version 10.0.0
Office
Version 10.0.1
Office
Version 10.0.2
Office
Version 10.1.0
Office
Version 10.1.2
Office
Version 10.2.0
Office
Version 10.3.0
Office
Version 10.4.0
Office
Version 10.5.0

Related CWEs

CWE-732
Incorrect Permission Assignment for Critical Resource
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

References (6)

Source: vultures@jpcert.or.jp
Third Party AdvisoryVDB Entry
Source: vultures@jpcert.or.jp
Source: vultures@jpcert.or.jp
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.