Published:2022/05/16  Last Updated:2022/07/04

JVN#73897863
Multiple vulnerabilities in Cybozu Garoon

Overview

Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities.

Products Affected

[CyVDB-1584], [CyVDB-1865], [CyVDB-2670], [CyVDB-2660], [CyVDB-2689], [CyVDB-2692], [CyVDB-2718], [CyVDB-2839], [CyVDB-2841], [CyVDB-2897], [CyVDB-2906], [CyVDB-2911]

  • Cybozu Garoon 4.0.0 to 5.5.1
[CyVDB-2667]、[CyVDB-2940]
  • Cybozu Garoon 4.10.0 to 5.5.1
[CyVDB-2685]
  • Cybozu Garoon 4.6.0 to 5.9.0
[CyVDB-2889]
  • Cybozu Garoon 4.10.2 to 5.5.1
[CyVDB-2932]
  • Cybozu Garoon 4.2.0 to 5.5.1
[CyVDB-3001]
  • Cybozu Garoon 4.0.0 to 5.9.0

Description

Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below.

  • [CyVDB-1584][CyVDB-2670] Operation restriction bypass vulnerability in Bulletin (CWE-285) - CVE-2022-28718
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Base Score: 4.3
    CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0
  • [CyVDB-1865][CyVDB-2692] Operation restriction bypass vulnerability in Workflow (CWE-285) - CVE-2022-27661
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Base Score: 4.3
    CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0
  • [CyVDB-2660] Improper input validation vulnerability in Space (CWE-20) - CVE-2022-29892
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Base Score: 4.3
    CVSS v2 AV:N/AC:L/Au:S/C:N/I:N/A:P Base Score: 4.0
  • [CyVDB-2667] Cross-site scripting vulnerability in Scheduler (CWE-79) - CVE-2022-29513
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N Base Score: 4.8
    CVSS v2 AV:N/AC:M/Au:S/C:N/I:P/A:N Base Score: 3.5
  • [CyVDB-2685] Browse restriction bypass vulnerability in Bulletin (CWE-284) - CVE-2022-29471
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Base Score: 4.3
    CVSS v2 AV:N/AC:L/Au:S/C:P/I:N/A:N Base Score: 4.0
  • [CyVDB-2689] Operation restriction bypass vulnerability in Portal (CWE-285) - CVE-2022-26051
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Base Score: 4.3
    CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0
  • [CyVDB-2718] Improper input validation vulnerability in Scheduler (CWE-20) - CVE-2022-28692
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Base Score: 4.3
    CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0
  • [CyVDB-2839] Improper input validation vulnerability in Space (CWE-20) - CVE-2022-27803
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Base Score: 4.3
    CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0
  • [CyVDB-2841] Browse restriction bypass and operation restriction bypass vulnerability in Cabinet (CWE-285) - CVE-2022-26368
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Base Score: 5.4
    CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0
  • [CyVDB-2889] Cross-site scripting vulnerability in Organization's Information (CWE-79) - CVE-2022-27627
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score: 6.1
    CVSS v2 AV:N/AC:M/Au:N/C:N/I:P/A:N Base Score: 4.3
  • [CyVDB-2897] Operation restriction bypass vulnerability in Link (CWE-285) - CVE-2022-26054
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Base Score: 4.3
    CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0
  • [CyVDB-2906] Improper input validation vulnerability in Link (CWE-20) - CVE-2022-27807
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Base Score: 4.3
    CVSS v2 AV:N/AC:L/Au:S/C:N/I:N/A:P Base Score: 4.0
  • [CyVDB-2932] Address information disclosure vulnerability (CWE-200) - CVE-2022-29467
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Base Score: 4.3
    CVSS v2 AV:N/AC:L/Au:S/C:P/I:N/A:N Base Score: 4.0
  • [CyVDB-2940] Improper authentication vulnerability in Scheduler (CWE-287) - CVE-2022-28713
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Base Score: 5.3
    CVSS v2 AV:N/AC:L/Au:N/C:P/I:N/A:N Base Score: 5.0
  • [CyVDB-3001] Operation restriction bypass vulnerability in Space (CWE-285) - CVE-2022-29484
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Base Score: 4.3
    CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0
  • [CyVDB-2911] Browse restriction bypass vulnerability in Cabinet (CWE-284) - CVE-2022-31472
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Base Score: 4.3
    CVSS v2 AV:N/AC:L/Au:S/C:P/I:N/A:N Base Score: 4.0

Impact

  • [CyVDB-1584], [CyVDB-2670]:
    A user who can log in to the product may alter the data of Bulletin.
  • [CyVDB-1865], [CyVDB-2692]:
    A user who can log in to the product may alter the data of Workflow.
  • [CyVDB-2660]:
    A user who can log in to the product may repeatedly display errors in certain functions and cause a denial-of-service (DoS).
  • [CyVDB-2667], [CyVDB-2889]:
    An arbitrary script may be executed on a logged-in user's web browser.
  • [CyVDB-2685]:
    A user who can log in to the product may obtain the data of Bulletin.
  • [CyVDB-2689]:
    A user who can log in to the product may alter the data of Portal.
  • [CyVDB-2718]:
    A user who can log in to the product with administrative privilege may alter the data of Scheduler.
  • [CyVDB-2839]:
    A user who can log in to the product may alter the data of Space.
  • [CyVDB-2841]:
    A user who can log in to the product may alter and/or obtain the data of Cabinet.
  • [CyVDB-2897]:
    A user who can log in to the product may alter the data of Link.
  • [CyVDB-2906]:
    A user who can log in to the product may make it impossible to add Categories.
  • [CyVDB-2932]:
    A user who can log in to the product may obtain some data of Address.
  • [CyVDB-2940]:
    A user may obtain some data of Facility Information without logging in to the product.
  • [CyVDB-3001]:
    A user who can log in to the product may delete the data of Space.
  • [CyVDB-2911]:
    A user who can log in to the product may obtain the data of Cabinet.

Solution

Update the Software
Update to the latest version according to the information provided by the developer.

Vendor Status

Vendor Status Last Update Vendor Notes
Cybozu, Inc. Vulnerable 2022/07/04 Cybozu, Inc. website

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

CVE-2022-27627
Masato Kinugawa reported this vulnerability to Cybozu, Inc. and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN.

CVE-2022-26054, CVE-2022-26368, CVE-2022-31472
Yuji Tounai reported these vulnerabilities to Cybozu, Inc. and Cybozu, Inc. reported them to JPCERT/CC to notify users of the solutions through JVN.

CVE-2022-26051, CVE-2022-27661, CVE-2022-27803, CVE-2022-27807, CVE-2022-28692, CVE-2022-28713, CVE-2022-28718, CVE-2022-29467, CVE-2022-29471, CVE-2022-29484, CVE-2022-29513, CVE-2022-29892
Cybozu, Inc. reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

Update History

2022/07/04
"CyVDB-2911" added to [Products Affected], [Description] and [Impact], another CVE information added to [Other Information], and [Credit] updated.
2022/07/04
Cybozu, Inc. update status