Ixama

**Name of the Vulnerable Software and Affected Versions** Cybozu Garoon versions 4.0.0 through 4.10.1 **Description** The issue allows remote authenticated attackers to bypass access restrictions, enabling them to view information without having the necessary view privileges. This is achievable through the 'Bulletin' and 'Cabinet' applications. **Recommendations** For versions 4.0.0 through 4.10.1, consider restricting access to the 'Bulletin' and 'Cabinet' applications until a fix is available, to minimize the risk of unauthorized information viewing.

**Name of the Vulnerable Software and Affected Versions** Cybozu Garoon versions 3.5.0 through 4.6.1 **Description** The issue allows remote authenticated attackers to bypass access restrictions, enabling them to view the closed title of "Cabinet" through unspecified vectors. **Recommendations** For Cybozu Garoon versions 3.5.0 through 4.6.1, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Cybozu Garoon versions prior to 4.2.1 **Description** The issue allows remote attackers to cause a denial of service. **Recommendations** For versions prior to 4.2.1, update to version 4.2.1 or later to resolve the issue.