CVE-2019-5942

Summary

Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to bypass access restriction to obtain files without access privileges via the Multiple Files Download function of application 'Cabinet'.

Affected Software

VendorProductVersion RangeStatus
Cybozu, Inc.Cybozu Garoon4.0.0 to 4.10.1affected

Weaknesses

  • Fails to restrict access

ADP Enrichment

CVE Program Container

Additional References

References