CVE-2024-31398

Summary

Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product may obtain information on the list of users.

Affected Software

VendorProductVersion RangeStatus
Cybozu, Inc.Cybozu Garoon5.0.0 to 5.15.2affected

Weaknesses

  • Insertion of Sensitive Information Into Sent Data

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References