CVE-2017-2091

Description

Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in Phone Messages function to alter the status of phone messages via unspecified vectors.

Affected products

• Cybozu, Inc. / Cybozu Garoon3.0.0 to 4.2.3 – 3.0.0 to 4.2.3

References

• MISChttps://support.cybozu.com/ja-jp/article/9570
• MISChttp://jvn.jp/en/jp/JVN73182875/index.html
• MISChttp://www.securityfocus.com/bid/96429