CVE-2017-2116

EUVD-2017-11299
Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to delete "customapp" templates via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 41%
Affected Products (NVD)
VendorProductVersion
cybozuoffice
10.0.0
cybozuoffice
10.0.1
cybozuoffice
10.0.2
cybozuoffice
10.1.0
cybozuoffice
10.1.2
cybozuoffice
10.2.0
cybozuoffice
10.3.0
cybozuoffice
10.4.0
cybozuoffice
10.5.0
𝑥
= Vulnerable software versions
References
http://jvn.jp/en/jp/JVN17535578/index.html
http://www.securityfocus.com/bid/97717
https://support.cybozu.com/ja-jp/article/9736
http://jvn.jp/en/jp/JVN17535578/index.html
http://www.securityfocus.com/bid/97717
https://support.cybozu.com/ja-jp/article/9736