CVE-2017-2094

Description

Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in Workflow and the "MultiReport" function to alter or delete information via unspecified vectors.

Affected products

• Cybozu, Inc. / Cybozu Garoon3.0.0 to 4.2.3 – 3.0.0 to 4.2.3

References

• MISChttps://support.cybozu.com/ja-jp/article/9655
• MISChttp://jvn.jp/en/jp/JVN73182875/index.html
• MISChttp://www.securityfocus.com/bid/96429