CVE-2019-5942

Name of the Vulnerable Software and Affected Versions Cybozu Garoon versions 4.0.0 through 4.10.1

Description The issue allows remote authenticated attackers to bypass access restrictions and obtain files without proper access privileges. This is achieved through the Multiple Files Download function of the 'Cabinet' application.

Recommendations For versions 4.0.0 through 4.10.1, consider disabling the Multiple Files Download function of the 'Cabinet' application as a temporary workaround to minimize the risk of exploitation. Restrict access to sensitive files to prevent unauthorized access until a fix is available.