CVE-2017-2095

Description

Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in the mail function leading to an alteration of the order of mail folders via unspecified vectors.

Affected products

• Cybozu, Inc. / Cybozu Garoon3.0.0 to 4.2.3 – 3.0.0 to 4.2.3

References

• MISChttps://support.cybozu.com/ja-jp/article/9660
• MISChttp://jvn.jp/en/jp/JVN73182875/index.html
• MISChttp://www.securityfocus.com/bid/96429