Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product may obtain information on the list of users.
History

Fri, 23 Aug 2024 02:45:00 +0000

Type Values Removed Values Added
First Time appeared Cybozu
Cybozu garoon
Weaknesses NVD-CWE-Other
CPEs cpe:2.3:a:cybozu:garoon:*:*:*:*:*:*:*:*
Vendors & Products Cybozu
Cybozu garoon
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2024-06-11T05:20:51.967Z

Updated: 2024-08-02T01:52:56.926Z

Reserved: 2024-04-03T09:14:19.134Z

Link: CVE-2024-31398

cve-icon Vulnrichment

Updated: 2024-06-11T14:54:14.477Z

cve-icon NVD

Status : Modified

Published: 2024-06-11T06:15:10.347

Modified: 2024-11-21T09:13:27.210

Link: CVE-2024-31398

cve-icon Redhat

No data.