PT-2021-14093 · Cybozu · Cybozu Office

Published

2021-03-18

Updated

2021-03-23

CVE-2021-20632

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Cybozu Office versions 10.0.0 through 10.8.4

Description: The issue is related to improper access control in the Bulletin Board component, allowing authenticated attackers to bypass access restrictions and obtain data via unspecified vectors.

Recommendations: For versions 10.0.0 through 10.8.4, update to a version that includes the fix for the improper access control vulnerability in the Bulletin Board component.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-20632

Affected Products

Cybozu Office

PT-2021-14093 · Cybozu · Cybozu Office

CVE-2021-20632

Related Identifiers

Affected Products

References · 7