MEDIUM🇬🇧 English

CVE-2026-22888

CVSS 6.9v4.0pub. 2026-02-02upd. 2026-02-19

Improper input verification issue exists in Cybozu Garoon 5.0.0 to 6.0.3, which may lead to unauthorized alteration of portal settings, potentially blocking access to the product.

oryginał EN
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Cybozu Garoon

    APP
    Cybozu
    5.0.0 – 6.0.3 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2024-31401CRITICAL9.0PL ✓ten sam produkt

XSS w Cybozu Garoon umożliwia wstrzyknięcie skryptu przez administratora

CVE-2019-5945CRITICAL9.8ten sam produkt

Cybozu Garoon 4.2.4 to 4.10.1 allow remote attackers to obtain the users' credential information via the authe...

CVE-2016-1219CRITICAL9.8ten sam produkt

Cybozu Garoon before 4.2.2 allows remote attackers to bypass login authentication via vectors related to API u...

CVE-2022-30602HIGH8.1ten sam produkt

Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenti...

CVE-2022-29484HIGH8.1ten sam produkt

Operation restriction bypass vulnerability in Space of Cybozu Garoon 4.0.0 to 5.9.0 allows a remote authentica...