CVE-2019-5933

Name of the Vulnerable Software and Affected Versions Cybozu Garoon versions 4.0.0 through 4.10.0

Description The issue allows remote authenticated attackers to bypass access restrictions and view the Bulletin Board without having the necessary view privileges. This is achieved via the 'Bulletin' application.

Recommendations For versions 4.0.0 through 4.10.0, consider restricting access to the 'Bulletin' application until a fix is available. As a temporary workaround, review and adjust the access privileges for the Bulletin Board to minimize the risk of unauthorized access.