Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cybozu | Cybozu Dezie | <= 6 |
| Cybozu | Cybozu Garoon | 2.0.0 |
| Cybozu | Cybozu Office | 6 |
Related Weaknesses (CWE)
References
- http://cybozu.co.jp/products/dl/notice/detail/0016.htmlVendor Advisory
- http://cybozu.co.jp/products/dl/notice/detail/0018.htmlVendor Advisory
- http://jvn.jp/en/jp/JVN18405927/index.html
- http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html
- http://osvdb.org/46575
- http://secunia.com/advisories/30882Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43438
- http://cybozu.co.jp/products/dl/notice/detail/0016.htmlVendor Advisory
- http://cybozu.co.jp/products/dl/notice/detail/0018.htmlVendor Advisory
- http://jvn.jp/en/jp/JVN18405927/index.html
- http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html
- http://osvdb.org/46575
- http://secunia.com/advisories/30882Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43438
FAQ
What is CVE-2008-6744?
CVE-2008-6744 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecif...
How severe is CVE-2008-6744?
CVE-2008-6744 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-6744?
Check the references section above for vendor advisories and patch information. Affected products include: Cybozu Cybozu Dezie, Cybozu Cybozu Garoon, Cybozu Cybozu Office.