CVE-2019-5935

Summary

Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to bypass access restriction to change user information without access privileges via the Item function of User Information.

Affected Software

VendorProductVersion RangeStatus
Cybozu, Inc.Cybozu Garoon4.0.0 to 4.10.1affected

Weaknesses

  • Fails to restrict access

ADP Enrichment

CVE Program Container

Additional References

References