[Japanese]

JVNDB-2018-000053

Multiple vulnerabilities in Cybozu Office

Overview

Cybozu Office provided by Cybozu, Inc. contains multiple vulnerabilities listed below.

*Information disclosure in the application "Message" when viewing an external image (CWE-200) - CVE-2018-0526
*Stored cross-site scripting in "E-mail Details Screen" of the application "E-mail" (CWE-79) - CVE-2018-0527
*Browse restriction bypass in the application "Scheduler" (CWE-264) - CVE-2018-0528
*Denial-of-service (DoS) in the application "Message" due to a flaw in processing of an attached file (CWE-20) - CVE-2018-0529
*Reflected cross-site scripting in the application "MultiReport" (CWE-79) - CVE-2018-0565
*Browse restriction bypass in the application "Scheduler" (CWE-264) - CVE-2018-0566
*Operation restriction bypass in the application "Bulletin" (CWE-264) - CVE-2018-0567

Jun Kokatsu reported CVE-2018-0526 vulnerability to Cybozu, Inc., and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN.

Masato Kinugawa reported CVE-2018-0527 and CVE-2018-0565 vulnerabilities to Cybozu, Inc., and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN.

Cybozu, Inc. reported CVE-2018-0528, CVE-2018-0529 and CVE-2018-0566 vulnerabilities to JPCERT/CC to notify users of respective solutions through JVN.

Yuji Tounai reported CVE-2018-0567 vulnerability to Cybozu, Inc., and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 4.3 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Low
CVSS V2 Severity:
Base Metrics 4.3 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: None
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2018-0526

CVSS V3 Severity:
Base Metrics: 6.1 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 4.3 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2018-0527

CVSS V3 Severity:
Base Metrics: 4.3 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: Low
  • Integrity Impact: None
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 3.5 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: Single
  • Confidentiality Impact: Partial
  • Integrity Impact: None
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2018-0528

CVSS V3 Severity:
Base Metrics: 4.3 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Low
CVSS V2 Severity:
Base Metrics: 5.0 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2018-0529

CVSS V3 Severity:
Base Metrics: 6.1 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 2.6 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: High
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2018-0565

CVSS V3 Severity:
Base Metrics: 4.3 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: Low
  • Integrity Impact: None
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 3.5 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: Single
  • Confidentiality Impact: Partial
  • Integrity Impact: None
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2018-0566

CVSS V3 Severity:
Base Metrics: 4.3 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: None
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 3.5 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: Single
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2018-0567
Affected Products


Cybozu, Inc.
  • Cybozu Office 10.0.0 to 10.7.0 (CVE-2018-0526, CVE-2018-0527, CVE-2018-0528, CVE-2018-0529)
  • Cybozu Office 10.0.0 to 10.8.0 (CVE-2018-0565, CVE-2018-0566, CVE-2018-0567)

Impact

*If a user browses a message, an attached image located in an external server may be displayed without the user's permission - CVE-2018-0526
*An arbitrary script may be executed on the logged in user's web browser - CVE-2018-0527, CVE-2018-0565
*A user who can login to the product may view the schedules that are not permitted to access - CVE-2018-0528
*Attaching a specially crafted image file in "Compose E-mail screen" by a user may result in Denial-of-service (DoS) condition - CVE-2018-0529
*The schedule may be obtained by a user who does not have privileges to access - CVE-2018-0566
*A user without privileges may access and write data prior to being public - CVE-2018-0567
Solution

[Update the Software]
Update to the latest version according to the information provided by the developer.
Vendor Information

Cybozu, Inc.
CWE (What is CWE?)

  1. Improper Input Validation(CWE-20) [IPA Evaluation]
  2. Information Exposure(CWE-200) [IPA Evaluation]
  3. Permissions(CWE-264) [IPA Evaluation]
  4. Cross-site Scripting(CWE-79) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2018-0526
  2. CVE-2018-0527
  3. CVE-2018-0528
  4. CVE-2018-0529
  5. CVE-2018-0565
  6. CVE-2018-0566
  7. CVE-2018-0567
References

  1. JVN : JVN#51737843
  2. National Vulnerability Database (NVD) : CVE-2018-0565
  3. National Vulnerability Database (NVD) : CVE-2018-0566
  4. National Vulnerability Database (NVD) : CVE-2018-0567
  5. National Vulnerability Database (NVD) : CVE-2018-0526
  6. National Vulnerability Database (NVD) : CVE-2018-0527
  7. National Vulnerability Database (NVD) : CVE-2018-0528
  8. National Vulnerability Database (NVD) : CVE-2018-0529
Revision History

  • [2018/05/22]
      Web page was published
  • [2018/08/30]
      References : Contents were added

Date Public2018/05/22
Date First Published2018/05/22
Date Last Updated2018/08/30