2020-12-17 22:04:12 +00:00
{
"data_type" : "CVE" ,
"data_format" : "MITRE" ,
"data_version" : "4.0" ,
"CVE_data_meta" : {
"ID" : "CVE-2021-20634" ,
2021-03-18 01:00:54 +00:00
"ASSIGNER" : "vultures@jpcert.or.jp" ,
"STATE" : "PUBLIC"
2021-03-18 09:42:28 +09:00
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "Cybozu, Inc." ,
"product" : {
"product_data" : [
{
"product_name" : "Cybozu Office" ,
"version" : {
"version_data" : [
{
"version_value" : "10.0.0 to 10.8.4"
}
]
}
}
]
}
}
]
}
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "Improper Access Control"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
2021-03-18 01:00:54 +00:00
"url" : "https://jvn.jp/en/jp/JVN45797538/index.html" ,
"refsource" : "MISC" ,
"name" : "https://jvn.jp/en/jp/JVN45797538/index.html"
2021-03-18 09:42:28 +09:00
} ,
{
2021-03-18 01:00:54 +00:00
"url" : "https://kb.cybozu.support/article/36865/" ,
"refsource" : "MISC" ,
"name" : "https://kb.cybozu.support/article/36865/"
2021-03-18 09:42:28 +09:00
}
]
2020-12-17 22:04:12 +00:00
} ,
"description" : {
"description_data" : [
{
"lang" : "eng" ,
2021-03-18 09:42:28 +09:00
"value" : "Improper access control vulnerability in Custom App of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the date of Custom App via unspecified vectors."
2020-12-17 22:04:12 +00:00
}
]
}
}
