CVE-2017-2115

Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to obtain "customapp" information via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
jpcertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 33%
VendorProductVersion
cybozuoffice
10.0.0
cybozuoffice
10.0.1
cybozuoffice
10.0.2
cybozuoffice
10.1.0
cybozuoffice
10.1.2
cybozuoffice
10.2.0
cybozuoffice
10.3.0
cybozuoffice
10.4.0
cybozuoffice
10.5.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://jvn.jp/en/jp/JVN17535578/index.html
http://www.securityfocus.com/bid/97717
https://support.cybozu.com/ja-jp/article/9737
http://jvn.jp/en/jp/JVN17535578/index.html
http://www.securityfocus.com/bid/97717
https://support.cybozu.com/ja-jp/article/9737