Published:2018/04/09  Last Updated:2018/04/09

JVN#65268217
Multiple vulnerabilities in Cybozu Garoon

Overview

Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities.

Products Affected

  • Cybozu Garoon 3.5.0 to 4.2.6 (CVE-2018-0530)
  • Cybozu Garoon 3.0.0 to 4.2.6 (CVE-2018-0531, CVE-2018-0532, CVE-2018-0533)
  • Cybozu Garoon 4.0.0 to 4.6.0 (CVE-2018-0548)
  • Cybozu Garoon 3.0.0 to 4.6.0 (CVE-2018-0549)
  • Cybozu Garoon 3.5.0 to 4.6.1 (CVE-2018-0550)
  • Cybozu Garoon 3.0.0 to 4.6.1 (CVE-2018-0551)

Description

Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below.

  • SQL injection in the application "Address" (CWE-89) - CVE-2018-0530
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Base Score: 6.5
    CVSS v2 AV:N/AC:L/Au:S/C:P/I:N/A:N Base Score: 4.0
  • Operation restriction bypass in the "Folder settings" (CWE-264) - CVE-2018-0531
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Base Score: 5.4
    CVSS v2 AV:N/AC:L/Au:S/C:P/I:P/A:N Base Score: 5.5
  • Operation restriction bypass in the setting of Login authentication (CWE-264) - CVE-2018-0532
    CVSS v3 CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H Base Score: 5.9
    CVSS v2 AV:N/AC:M/Au:S/C:N/I:P/A:P Base Score: 4.9
  • Operation restriction bypass in the setting of Session authentication (CWE-264) - CVE-2018-0533
    CVSS v3 CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H Base Score: 4.4
    CVSS v2 AV:N/AC:M/Au:S/C:N/I:N/A:P Base Score: 3.5
  • Browse restriction bypass in the application "Space" (CWE-264) - CVE-2018-0548
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Base Score: 4.3
    CVSS v2 AV:N/AC:M/Au:S/C:P/I:N/A:N Base Score: 3.5
  • Stored cross-site scripting in "Rich text" of the application "Message" (CWE-79) - CVE-2018-0549
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Base Score: 5.4
    CVSS v2 AV:N/AC:M/Au:S/C:N/I:P/A:N Base Score: 3.5
  • Browse restriction bypass in the application "Cabinet" (CWE-264) - CVE-2018-0550
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Base Score: 4.3
    CVSS v2 AV:N/AC:M/Au:S/C:P/I:N/A:N Base Score: 3.5
  • Stored cross-site scripting in "Rich text" of the application "Space" (CWE-79) - CVE-2018-0551
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Base Score: 5.4
    CVSS v2 AV:N/AC:M/Au:S/C:N/I:P/A:N Base Score: 3.5

Impact

  • A user who can login to the product may obtain information stored in the database. - CVE-2018-0530
  • A user with operational administrative privileges for 1 or more folders may view or alter an access privilege of folder and/or notification setting. - CVE-2018-0531
  • A user who can login to the product with administrative privileges may alter setting data of the Standard database. - CVE-2018-0532
  • A user who can login to the product with administrative privileges may alter setting data of session authentication. - CVE-2018-0533
  • A user can login to the product may view the closed title of "Space". - CVE-2018-0548
  • An arbitrary script may be executed on the logged in user's web browser - CVE-2018-0549, CVE-2018-0551
  • A user who can login to the product may view the folder names without appropriate privileges. - CVE-2018-0550

Solution

Update the Software
Update to the latest version according to the information provided by the developer.

Vendor Status

Vendor Status Last Update Vendor Notes
Cybozu, Inc. Vulnerable 2018/04/09 Cybozu, Inc. website

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Cybozu, Inc. reported CVE-2018-0530, CVE-2018-0531, CVE-2018-0532, CVE-2018-0533 and CVE-2018-0548 vulnerabilities to JPCERT/CC to notify users of respective solutions through JVN.

Jun Kokatsu reported CVE-2018-0549 vulnerability to Cybozu, Inc., and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN.

ixama reported CVE-2018-0550 vulnerability to Cybozu, Inc., and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN.

Masato Kinugawa reported CVE-2018-0551 vulnerability to Cybozu, Inc., and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2018-0530
CVE-2018-0531
CVE-2018-0532
CVE-2018-0533
CVE-2018-0548
CVE-2018-0549
CVE-2018-0550
CVE-2018-0551
JVN iPedia JVNDB-2018-000031

Update History

2018/04/09
Fixed information under [Products Affected]