PT-2021-14087 · Cybozu · Cybozu Office

Published

2021-03-18

Updated

2022-07-12

CVE-2021-20626

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions: Cybozu Office versions 10.0.0 through 10.8.4

Description: The issue is related to an improper access control vulnerability in the Workflow of Cybozu Office, allowing authenticated attackers to bypass access restrictions and alter Workflow data via unspecified vectors.

Recommendations: For Cybozu Office versions 10.0.0 through 10.8.4, update to a version that includes the fix for this issue to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-20626

Affected Products

Cybozu Office

PT-2021-14087 · Cybozu · Cybozu Office

CVE-2021-20626

Related Identifiers

Affected Products

References · 6