CVE-2017-2095

Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in the mail function leading to an alteration of the order of mail folders via unspecified vectors.

Published: Apr 28, 2017
Updated: Apr 13, 2023
CVE: CVE-2017-2095
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
cybozu / garoon	3.0.2	3.0.2.x
cybozu / garoon	3.5.5	3.5.5.x
cybozu / garoon	4.0.3	4.0.3.x
cybozu / garoon	3.5.1	3.5.1.x
cybozu / garoon	4.0.0	4.0.0.x
cybozu / garoon	3.1.1	3.1.1.x
cybozu / garoon	3.7.4	3.7.4.x
cybozu / garoon	3.7.2	3.7.2.x
cybozu / garoon	3.5.3	3.5.3.x
cybozu / garoon	4.2.1	4.2.1.x
cybozu / garoon	3.0.0	3.0.0.x
cybozu / garoon	3.5.0	3.5.0.x
cybozu / garoon	3.0.3	3.0.3.x
cybozu / garoon	3.7.0	3.7.0.x
cybozu / garoon	3.1.0	3.1.0.x
cybozu / garoon	3.5.2	3.5.2.x
cybozu / garoon	4.0.1	4.0.1.x
cybozu / garoon	3.7.5	3.7.5.x
cybozu / garoon	3.1.3	3.1.3.x
cybozu / garoon	4.2.2	4.2.2.x
cybozu / garoon	4.0.2	4.0.2.x
cybozu / garoon	4.2.0	4.2.0.x
cybozu / garoon	4.2.3	4.2.3.x
cybozu / garoon	3.0.1	3.0.1.x
cybozu / garoon	3.7.1	3.7.1.x
cybozu / garoon	3.1.2	3.1.2.x
cybozu / garoon	3.7.3	3.7.3.x
cybozu / garoon	3.5.4	3.5.4.x

Vulnerability Database

289,871

CVE-2017-2095