Vulnerabilites related to cybozu - cybozu_garoon
CVE-2008-6744 (GCVE-0-2008-6744)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 11:42
Severity ?
CWE
  • n/a
Summary
Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
References
http://cybozu.co.jp/products/dl/notice/detail/0016.html x_refsource_CONFIRM
http://cybozu.co.jp/products/dl/notice/detail/0018.html x_refsource_CONFIRM
http://jvn.jp/en/jp/JVN18405927/index.html third-party-advisory, x_refsource_JVN
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html third-party-advisory, x_refsource_JVNDB
https://exchange.xforce.ibmcloud.com/vulnerabilities/43438 vdb-entry, x_refsource_XF
http://secunia.com/advisories/30882 third-party-advisory, x_refsource_SECUNIA
http://osvdb.org/46575 vdb-entry, x_refsource_OSVDB
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T11:42:00.049Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cybozu.co.jp/products/dl/notice/detail/0016.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cybozu.co.jp/products/dl/notice/detail/0018.html"
          },
          {
            "name": "JVN#18405927",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN18405927/index.html"
          },
          {
            "name": "JVNDB-2008-000033",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html"
          },
          {
            "name": "garoon-unspecified-csrf(43438)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43438"
          },
          {
            "name": "30882",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30882"
          },
          {
            "name": "46575",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/46575"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cybozu.co.jp/products/dl/notice/detail/0016.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cybozu.co.jp/products/dl/notice/detail/0018.html"
        },
        {
          "name": "JVN#18405927",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN18405927/index.html"
        },
        {
          "name": "JVNDB-2008-000033",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html"
        },
        {
          "name": "garoon-unspecified-csrf(43438)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43438"
        },
        {
          "name": "30882",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30882"
        },
        {
          "name": "46575",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/46575"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-6744",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://cybozu.co.jp/products/dl/notice/detail/0016.html",
              "refsource": "CONFIRM",
              "url": "http://cybozu.co.jp/products/dl/notice/detail/0016.html"
            },
            {
              "name": "http://cybozu.co.jp/products/dl/notice/detail/0018.html",
              "refsource": "CONFIRM",
              "url": "http://cybozu.co.jp/products/dl/notice/detail/0018.html"
            },
            {
              "name": "JVN#18405927",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN18405927/index.html"
            },
            {
              "name": "JVNDB-2008-000033",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html"
            },
            {
              "name": "garoon-unspecified-csrf(43438)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43438"
            },
            {
              "name": "30882",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30882"
            },
            {
              "name": "46575",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/46575"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-6744",
    "datePublished": "2009-04-23T17:00:00",
    "dateReserved": "2009-04-23T00:00:00",
    "dateUpdated": "2024-08-07T11:42:00.049Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
References
cve@mitre.orghttp://cybozu.co.jp/products/dl/notice/detail/0016.htmlVendor Advisory
cve@mitre.orghttp://cybozu.co.jp/products/dl/notice/detail/0018.htmlVendor Advisory
cve@mitre.orghttp://jvn.jp/en/jp/JVN18405927/index.html
cve@mitre.orghttp://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html
cve@mitre.orghttp://osvdb.org/46575
cve@mitre.orghttp://secunia.com/advisories/30882Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/43438
af854a3a-2127-422b-91ae-364da2661108http://cybozu.co.jp/products/dl/notice/detail/0016.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://cybozu.co.jp/products/dl/notice/detail/0018.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://jvn.jp/en/jp/JVN18405927/index.html
af854a3a-2127-422b-91ae-364da2661108http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/46575
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30882Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/43438
Impacted products
Vendor Product Version
cybozu cybozu_dezie *
cybozu cybozu_garoon 2.0.0
cybozu cybozu_garoon 2.0.1
cybozu cybozu_garoon 2.0.2
cybozu cybozu_garoon 2.0.3
cybozu cybozu_garoon 2.0.4
cybozu cybozu_garoon 2.0.5
cybozu cybozu_garoon 2.0.6
cybozu cybozu_garoon 2.1.0
cybozu cybozu_garoon 2.1.1
cybozu cybozu_garoon 2.1.2
cybozu cybozu_garoon 2.1.3
cybozu cybozu_office 6


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cybozu:cybozu_dezie:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEF18E01-4AC8-42D8-A6C5-C6D43975E591",
              "versionEndIncluding": "6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cybozu:cybozu_garoon:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AA522EF-30FD-4084-90CE-53281588032B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cybozu:cybozu_garoon:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "801F2F15-F3A3-4322-8431-30D60DF100A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cybozu:cybozu_garoon:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A7FF28F-A677-41C7-9A24-EA25FA122319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cybozu:cybozu_garoon:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "85989F0A-8913-4BC8-ABD5-113C5E42C9A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cybozu:cybozu_garoon:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "594992A0-B9B0-4986-AC14-E17F9D9697AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cybozu:cybozu_garoon:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "171FF417-00A7-4404-99EA-029B1574F724",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cybozu:cybozu_garoon:2.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5801F2B2-523A-47C9-A21A-625357961199",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cybozu:cybozu_garoon:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6DB31B6-C2B0-432B-B0EC-EC3A0218E818",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cybozu:cybozu_garoon:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A804339-9D42-4914-850D-A3B15BDBE8CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cybozu:cybozu_garoon:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "998A4F76-9945-4F75-AF15-90409F210B19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cybozu:cybozu_garoon:2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F84B0A2D-C60F-41DB-93B3-E3896543A0ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cybozu:cybozu_office:6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0B6B282-E664-4629-B028-C04CAB527D61",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en Cybozu Office v6, Cybozu Dezie anteriores a v6.0(1.0), y Cybozu Garoon v2.0.0 hasta la v2.1.3 permite a atacantes remotos secuestrar la autenticaci\u00f3n de victimas inespec\u00edficas a trav\u00e9s de vectores desconocidos."
    }
  ],
  "id": "CVE-2008-6744",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-04-23T17:30:00.233",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://cybozu.co.jp/products/dl/notice/detail/0016.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://cybozu.co.jp/products/dl/notice/detail/0018.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://jvn.jp/en/jp/JVN18405927/index.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/46575"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30882"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43438"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://cybozu.co.jp/products/dl/notice/detail/0016.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://cybozu.co.jp/products/dl/notice/detail/0018.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvn.jp/en/jp/JVN18405927/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/46575"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30882"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43438"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}