CVE-2023-27304

Summary

Operation restriction bypass vulnerability in Message and Bulletin of Cybozu Garoon 4.6.0 to 5.9.2 allows a remote authenticated attacker to alter the data of Message and/or Bulletin.

Affected Software

VendorProductVersion RangeStatus
Cybozu, Inc.Cybozu Garoon4.6.0 to 5.9.2affected

Weaknesses

  • Improper authorization

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References