[Japanese]

JVNDB-2019-000023

Multiple vulnerabilities in Cybozu Garoon

Overview

Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below.

* Cross-site scripting in the additional processing of Customize Item function (CWE-79) - CVE-2019-5928
* Cross-site scripting in the application "Memo" (CWE-79) - CVE-2019-5929
* Browse restriction bypass in the application "Management of Basic System" (CWE-264) - CVE-2019-5930
* Improper verification of file path in installer (CWE-20) - CVE-2019-5931
* Stored cross-site scripting in the application "Portal" (CWE-79) - CVE-2019-5932
* Browse restriction bypass in the application "Bulletin" (CWE-284) - CVE-2019-5933
* SQL injection in the Log Search function of application "logging" (CWE-89) - CVE-2019-5934
* Operation restriction bypass in the Item function of User Information (CWE-264) - CVE-2019-5935
* Directory traversal in the application "Work Flow" (CWE-22) - CVE-2019-5936
* Cross-site scripting in the user information (CWE-79) - CVE-2019-5937
* Stored cross-site scripting in the application "Mail" (CWE-79) - CVE-2019-5938
* Cross-site scripting in the application "Portal" (CWE-79) - CVE-2019-5939
* Cross-site scripting in the application "Scheduler" (CWE-79) - CVE-2019-5940
* Operation restriction bypass in the application "Multi Report" (CWE-264) - CVE-2019-5941
* Browse restriction bypass in the Multiple Files Download function of application "Cabinet" (CWE-284) - CVE-2019-5942
* Browse restriction bypass in the application "Bulletin" and the application "Cabinet" (CWE-284) - CVE-2019-5943
* Operation restriction bypass in the application "Address" (CWE-264) - CVE-2019-5944
* Information disclosure in the authentication of Cybozu Garoon (CWE-287) - CVE-2019-5945
* Open redirect in the Login Screen (CWE-601) - CVE-2019-5946
* Cross-site scripting in the application "Cabinet" (CWE-79) - CVE-2019-5947
* Server-side request forgery in the V-CUBE Meeting function (CWE-918) - CVE-2020-5562

Cybozu, Inc. reported the following vulnerabilities to JPCERT/CC to notify users of the solution through JVN.

* CVE-2019-5928, CVE-2019-5930, CVE-2019-5931, CVE-2019-5932, CVE-2019-5935, CVE-2019-5936, CVE-2019-5942 and CVE-2019-5947 by Cybozu, Inc.
* CVE-2019-5929, CVE-2019-5937, CVE-2019-5938, CVE-2019-5939 and CVE-2019-5940 by Masato Kinugawa
* CVE-2019-5933, CVE-2019-5941 and CVE-2019-5946 by Yuji Tounai
* CVE-2019-5934 and CVE-2019-5945 by Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc.
* CVE-2019-5943 by ixama
* CVE-2019-5944 by Tanghaifeng
* CVE-2020-5562 by Kanta Nishitani
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 6.0 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: Low
  • Availability Impact: Low
CVSS V2 Severity:
Base Metrics 6.5 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: Single Instance
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2019-5934


CVSS V3 Severity:
Base Metrics: 6.1 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 2.6 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: High
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5928


CVSS V3 Severity:
Base Metrics: 6.1 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 5.0 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5929


CVSS V3 Severity:
Base Metrics: 4.3 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: Low
  • Integrity Impact: None
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 4.0 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: Single
  • Confidentiality Impact: Partial
  • Integrity Impact: None
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5930


CVSS V3 Severity:
Base Metrics: 6.0 (Medium) [IPA Score]
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: None
  • Integrity Impact: High
  • Availability Impact: High
CVSS V2 Severity:
Base Metrics: 4.9 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: Single
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2019-5931


CVSS V3 Severity:
Base Metrics: 4.8 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: Required
  • Scope: Changed
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 3.5 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: Single
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5932


CVSS V3 Severity:
Base Metrics: 4.3 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: Low
  • Integrity Impact: None
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 3.5 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: Single
  • Confidentiality Impact: Partial
  • Integrity Impact: None
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5933


CVSS V3 Severity:
Base Metrics: 6.0 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: Low
  • Availability Impact: Low
CVSS V2 Severity:
Base Metrics: 6.5 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: Single
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2019-5934


CVSS V3 Severity:
Base Metrics: 4.3 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: None
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 4.0 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: Single
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5935


CVSS V3 Severity:
Base Metrics: 5.4 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 5.5 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: Single
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5936


CVSS V3 Severity:
Base Metrics: 5.4 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: Required
  • Scope: Changed
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 3.5 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: Single
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5937


CVSS V3 Severity:
Base Metrics: 6.1 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 4.3 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5938


CVSS V3 Severity:
Base Metrics: 6.1 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 2.6 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: High
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5939


CVSS V3 Severity:
Base Metrics: 6.1 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 2.6 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: High
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5940


CVSS V3 Severity:
Base Metrics: 4.3 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: None
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 4.0 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: Single
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5941


CVSS V3 Severity:
Base Metrics: 4.3 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: Low
  • Integrity Impact: None
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 4.0 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: Single
  • Confidentiality Impact: Partial
  • Integrity Impact: None
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5942


CVSS V3 Severity:
Base Metrics: 4.3 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: Low
  • Integrity Impact: None
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 4.0 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: Single
  • Confidentiality Impact: Partial
  • Integrity Impact: None
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5943


CVSS V3 Severity:
Base Metrics: 4.3 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: None
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 4.0 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: Single
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5944


CVSS V3 Severity:
Base Metrics: 5.3 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 4.3 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: None
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5945


CVSS V3 Severity:
Base Metrics: 7.4 (High) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 4.3 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: None
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5946


CVSS V3 Severity:
Base Metrics: 5.4 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: Required
  • Scope: Changed
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 4.0 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: Single
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5947
The above CVSS base scores have been assigned for CVE-2019-5947


CVSS V3 Severity:
Base Metrics: 6.8 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: None
  • Scope: Changed
  • Confidentiality Impact: None
  • Integrity Impact: High
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 3.5 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: Single
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2020-5562
Affected Products


Cybozu, Inc.
  • Cybozu Garoon 4.0.0 to 4.6.3 (CVE-2019-5928 to CVE-2019-5931)
  • Cybozu Garoon 4.6.0 to 4.6.3 (CVE-2019-5932 and CVE-2020-5562)
  • Cybozu Garoon 4.0.0 to 4.10.0 (CVE-2019-5933 and CVE-2019-5934)
  • Cybozu Garoon 4.0.0 to 4.10.1 (CVE-2019-5935 to CVE-2019-5944)
  • Cybozu Garoon 4.2.4 to 4.10.1 (CVE-2019-5945 and CVE-2019-5946)
  • Cybozu Garoon 4.6.0 to 4.10.1 (CVE-2019-5947)

Impact

* An arbitrary script may be executed on a user's web browser. - CVE-2019-5929
* An arbitrary script may be executed on a logged in user's web browser. - CVE-2019-5928, CVE-2019-5932, CVE-2019-5937, CVE-2019-5938, CVE-2019-5939, CVE-2019-5940, CVE-2019-5947
* A user, who can login to the product, may view the information without view privileges. - CVE-2019-5930, CVE-2019-5943
* Information may be altered with the privilege of the user invoking the installer. - CVE-2019-5931
* A user, who can login to the product, may view the Bulletin Board without view privileges. - CVE-2019-5933
* A user, who can access to the product with administrative privileges, may execute an arbitrary SQL commands. - CVE-2019-5934
* A remote attacker may change user information without access privileges. - CVE-2019-5935
* A user, who can login to the product, may obtain file without access privileges. - CVE-2019-5936, CVE-2019-5942
* A user, who can login to the product, may alter the Report without access privileges. - CVE-2019-5941
* A user, who can login to the product, may alter the contents of application "Address" without modify privileges. - CVE-2019-5944
* Users' credential information may be disclosed. - CVE-2019-5945
* When accessing a specially crafted URL, a user may be redirected to an arbitrary website. - CVE-2019-5946
* A user who can login to the product with an administrative privilege may issue arbitrary HTTP requests to other web servers from the product - CVE-2020-5562
Solution

[Update the Software]
Update to the latest version according to the information provided by the developer.
Vendor Information

Cybozu, Inc.
CWE (What is CWE?)

  1. Improper Input Validation(CWE-20) [IPA Evaluation]
  2. Information Exposure(CWE-200) [IPA Evaluation]
  3. Path Traversal(CWE-22) [IPA Evaluation]
  4. Permissions(CWE-264) [IPA Evaluation]
  5. Cross-site Scripting(CWE-79) [IPA Evaluation]
  6. SQL Injection(CWE-89) [IPA Evaluation]
  7. No Mapping(CWE-Other) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2020-5562
  2. CVE-2019-5928
  3. CVE-2019-5929
  4. CVE-2019-5930
  5. CVE-2019-5931
  6. CVE-2019-5932
  7. CVE-2019-5933
  8. CVE-2019-5934
  9. CVE-2019-5935
  10. CVE-2019-5936
  11. CVE-2019-5937
  12. CVE-2019-5938
  13. CVE-2019-5939
  14. CVE-2019-5940
  15. CVE-2019-5941
  16. CVE-2019-5942
  17. CVE-2019-5943
  18. CVE-2019-5944
  19. CVE-2019-5945
  20. CVE-2019-5946
  21. CVE-2019-5947
References

  1. JVN : JVN#58849431
  2. National Vulnerability Database (NVD) : CVE-2019-5928
  3. National Vulnerability Database (NVD) : CVE-2019-5929
  4. National Vulnerability Database (NVD) : CVE-2019-5930
  5. National Vulnerability Database (NVD) : CVE-2019-5931
  6. National Vulnerability Database (NVD) : CVE-2019-5932
  7. National Vulnerability Database (NVD) : CVE-2019-5933
  8. National Vulnerability Database (NVD) : CVE-2019-5934
  9. National Vulnerability Database (NVD) : CVE-2019-5935
  10. National Vulnerability Database (NVD) : CVE-2019-5936
  11. National Vulnerability Database (NVD) : CVE-2019-5937
  12. National Vulnerability Database (NVD) : CVE-2019-5938
  13. National Vulnerability Database (NVD) : CVE-2019-5939
  14. National Vulnerability Database (NVD) : CVE-2019-5940
  15. National Vulnerability Database (NVD) : CVE-2019-5941
  16. National Vulnerability Database (NVD) : CVE-2019-5942
  17. National Vulnerability Database (NVD) : CVE-2019-5943
  18. National Vulnerability Database (NVD) : CVE-2019-5944
  19. National Vulnerability Database (NVD) : CVE-2019-5945
  20. National Vulnerability Database (NVD) : CVE-2019-5946
  21. National Vulnerability Database (NVD) : CVE-2019-5947
  22. National Vulnerability Database (NVD) : CVE-2020-5562
Revision History

  • [2019/4/25]
      Web page was published
  • [2019/09/30]
      References : Contents were added
  • [2020/04/27]
      Overview was modified
      CVSS Severity was modified
      Affected Products was modified
      Impact was modified
      Vendor Information was added
      CWE was added