CVE-2017-2258

Summary

Directory traversal vulnerability in Cybozu Garoon 4.2.4 to 4.2.5 allows an attacker to read arbitrary files via Garoon SOAP API "WorkflowHandleApplications".

Affected Software

VendorProductVersion RangeStatus
Cybozu, Inc.Cybozu Garoon4.2.4 to 4.2.5affected

Weaknesses

  • Directory traversal

ADP Enrichment

CVE Program Container

Additional References

References