CVE-2016-1219

Name of the Vulnerable Software and Affected Versions Cybozu Garoon versions prior to 4.2.2

Description The issue allows remote attackers to bypass login authentication. This is related to the use of API endpoints, though specific details about the endpoints, such as /api/v1/login, are not provided. The bypass is achieved through vectors related to API use, potentially involving vulnerable parameters or variables, but these are not explicitly specified.

Recommendations For versions prior to 4.2.2, update to version 4.2.2 or later to resolve the issue. As a temporary workaround, consider restricting access to API endpoints related to login authentication until the update can be applied.