Information Disclosure Vulnerability in Cybozu Mailwise
CVE-2016-4842

4.3MEDIUM

Key Information:

Vendor

Cybozu
Status
Mailwise
Vendor
CVE Published:
20 April 2017

What is CVE-2016-4842?

Cybozu Mailwise is susceptible to an information disclosure vulnerability that allows authorized remote attackers to access sensitive data about email interactions. Prior to version 5.4.0, the software does not sufficiently protect data related to whether an email has been read, which could expose users to potential tracking and targeted attacks. This flaw underscores the importance of keeping software updated to mitigate security risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://support.cybozu.com/ja-jp/article/9606
x_refsource_CONFIRM
http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000136.html
third-party-advisoryx_refsource_JVNDB
http://jvn.jp/en/jp/JVN02576342/index.html
third-party-advisoryx_refsource_JVN

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.