CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 0CVE-2017-2114
https://notcve.org/view.php?id=CVE-2017-2114
Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de cross-site scripting en Cybozu Office 10.0.0 hasta 10.5.0 permite a un atacante remoto autenticado inyectar script web o HTML a través de vectores no especificados. • http://jvn.jp/en/jp/JVN17535578/index.html http://www.securityfocus.com/bid/97717 https://support.cybozu.com/ja-jp/article/9738 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 0CVE-2017-2116
https://notcve.org/view.php?id=CVE-2017-2116
Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to delete "customapp" templates via unspecified vectors. Cybozu Office 10.0.0 hasta 10.5.0 permite a un atacante remoto autenticado sortear la restricción de acceso para borrar plantillas "customapp" a través de vectores no especificados. • http://jvn.jp/en/jp/JVN17535578/index.html http://www.securityfocus.com/bid/97717 https://support.cybozu.com/ja-jp/article/9736 •
CVSS: 4.9EPSS: 0%CPEs: 7EXPL: 0CVE-2016-7815
https://notcve.org/view.php?id=CVE-2016-7815
Remote Service Manager 3.0.0 to 3.1.4 fails to verify client certificates, which may allow remote attackers to gain access to systems on the network. Remote Service Manager 3.0.0 a 3.1.4 no verifica los certificados de cliente, lo que puede permitir a atacantes remotos acceder a los sistemas de la red. • http://jvn.jp/en/jp/JVN19241292/index.html http://www.securityfocus.com/bid/95379 https://support.cybozu.com/ja-jp/article/9689 • CWE-295: Improper Certificate Validation •
CVSS: 4.3EPSS: 0%CPEs: 28EXPL: 0CVE-2017-2095
https://notcve.org/view.php?id=CVE-2017-2095
Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in the mail function leading to an alteration of the order of mail folders via unspecified vectors. Cybozu Garoon 3.0.0 hasta 4.2.3 permiten a un atacante remoto autenticado sortear la restricción de acceso en la función mail, consiguiendo una alteración del orden de las carpetas de correo a través de vectores no especificados. • http://jvn.jp/en/jp/JVN73182875/index.html http://www.securityfocus.com/bid/96429 https://support.cybozu.com/ja-jp/article/9660 •
CVSS: 4.3EPSS: 0%CPEs: 28EXPL: 0CVE-2017-2091
https://notcve.org/view.php?id=CVE-2017-2091
Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in Phone Messages function to alter the status of phone messages via unspecified vectors. Cybozu Garoon 3.0.0 hasta 4.2.3 permiten a un atacante remoto autenticado sortear la restricción de acceso en la función Phone Messages para alterar el estado de los mensajes del teléfono a través de vectores no especificados. • http://jvn.jp/en/jp/JVN73182875/index.html http://www.securityfocus.com/bid/96429 https://support.cybozu.com/ja-jp/article/9570 •