[Japanese]

JVNDB-2019-000047

Multiple vulnerabilities in Cybozu Garoon

Overview

Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below.
* DOM-based cross-site scripting in the application "Portal" (CWE-79) - CVE-2019-5975
* Denial-of-service (DoS) (CWE-20) - CVE-2019-5976
* Mail header injection in the application "E-mail" (CWE-74) - CVE-2019-5977
* Open redirect in the application "Scheduler" (CWE-601) - CVE-2019-5978

Masato Kinugawa reported CVE-2019-5975 vulnerability to Cybozu, Inc., and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN.

Kanta Nishitani reported CVE-2019-5976 and CVE-2019-5978 vulnerabilities to Cybozu, Inc., and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN.

Shuichi Uruma reported CVE-2019-5977 vulnerability to Cybozu, Inc., and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 4.9 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High
CVSS V2 Severity:
Base Metrics 4.0 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: Single Instance
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2019-5976


CVSS V3 Severity:
Base Metrics: 4.4 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: Low
  • User Interaction: Required
  • Scope: Changed
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 1.7 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: High
  • Authentication: Multiple
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5975


CVSS V3 Severity:
Base Metrics: 4.3 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: None
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 4.0 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: Single
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5977


CVSS V3 Severity:
Base Metrics: 4.7 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
  • Confidentiality Impact: None
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 2.6 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: High
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2019-5978
Affected Products


Cybozu, Inc.
  • Cybozu Garoon 4.6.0 to 4.10.2 (CVE-2019-5975)
  • Cybozu Garoon 4.0.0 to 4.10.2 (CVE-2019-5976, CVE-2019-5977 and CVE-2019-5978)

Impact

* An arbitrary script may be executed on the logged in user's web browser while accessing a malicious web page - CVE-2019-5975
* A denial-of-service (DoS) condition may be caused if an attacker with administrative privileges alters sesssion authentication data - CVE-2019-5976
* Mail with an altered header by a user may be sent - CVE-2019-5977
* A user may be redirected to an arbitrary website if accessing a specially crafted URL - CVE-2019-5978
Solution

[Update the Software]
Update to the latest version according to the information provided by the developer.

Vendor Information

Cybozu, Inc.
CWE (What is CWE?)

  1. Improper Input Validation(CWE-20) [IPA Evaluation]
  2. Cross-site Scripting(CWE-79) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2019-5975
  2. CVE-2019-5976
  3. CVE-2019-5977
  4. CVE-2019-5978
References

  1. JVN : JVN#62618482
  2. National Vulnerability Database (NVD) : CVE-2019-5975
  3. National Vulnerability Database (NVD) : CVE-2019-5976
  4. National Vulnerability Database (NVD) : CVE-2019-5977
  5. National Vulnerability Database (NVD) : CVE-2019-5978
Revision History

  • [2019/07/16]
      Web page was published
  • [2019/10/08]
      References : Contents were added