MEDIUM🇵🇱 Wersja polska

CVE-2024-31397

CVSS 4.9v3.1pub. 2024-06-11upd. 2026-02-13

Improper handling of extra values issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product with the administrative privilege may be able to cause a denial-of-service (DoS) condition.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • Cybozu Garoon

    APP
    Cybozu
    5.0.0 – 5.15.2 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-31401CRITICAL9.0PL ✓ten sam produkt

XSS w Cybozu Garoon umożliwia wstrzyknięcie skryptu przez administratora

CVE-2019-5945CRITICAL9.8ten sam produkt

Cybozu Garoon 4.2.4 to 4.10.1 allow remote attackers to obtain the users' credential information via the authe...

CVE-2016-1219CRITICAL9.8ten sam produkt

Cybozu Garoon before 4.2.2 allows remote attackers to bypass login authentication via vectors related to API u...

CVE-2022-30602HIGH8.1ten sam produkt

Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenti...

CVE-2022-29484HIGH8.1ten sam produkt

Operation restriction bypass vulnerability in Space of Cybozu Garoon 4.0.0 to 5.9.0 allows a remote authentica...