[Japanese]

JVNDB-2013-001470

Accela BizSearch Gateway Option for TeamWARE Spoofing Vulnerability

Overview

Accela BizSearch Gateway Option for TeamWARE, when the TeamWARE Gateway and Single Sign-On are enabled, which allows remote attackers to spoof user accounts of TeamWARE Office under specified conditions.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 6.8 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
Affected Products


Accela Technology
  • Accela BizSearch Gateway Option for TeamWARE V3.0L10
  • Accela BizSearch Gateway Option for TeamWARE V3.1L10
  • Accela BizSearch Gateway Option for TeamWARE V3.2L10
  • Accela BizSearch Gateway Option for TeamWARE V3.2L20
  • eAccela BizSearch Gateway Option for TeamWARE V1.0
  • eAccela BizSearch Gateway Option for TeamWARE V2.0
  • eAccela BizSearch Gateway Option for TeamWARE V2.1

Impact

A remote attacker could spoof user accounts of TeamWARE Office under specified conditions.
Solution

Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action.
Vendor Information

Accela Technology FUJITSU
CWE (What is CWE?)

  1. No Mapping(CWE-noinfo) [IPA Evaluation]
CVE (What is CVE?)

References

Revision History

  • [2013/02/13]
      Web page was published

Date Public2013/02/05
Date First Published2013/02/13
Date Last Updated2013/02/13