Uncontrolled Resource Consumption in Cybozu Remote Service
CVE-2022-44608

7.5HIGH

Key Information:

Vendor: Cybozu
Status: Cybozu Remote Service
Vendor: CVE Published:; 7 December 2022

What is CVE-2022-44608?

A vulnerability exists in Cybozu Remote Service versions 4.0.0 to 4.0.3 that permits a remote authenticated attacker to exploit uncontrolled resource consumption. This flaw enables the attacker to exhaust system storage, potentially leading to a denial-of-service condition. Effective mitigation and addressing of this issue are crucial to ensure the availability and reliability of the affected services.

Affected Version(s)

Cybozu Remote Service 4.0.0 to 4.0.3

References

https://cs.cybozu.co.jp/2022/007754.html

https://jvn.jp/en/jp/JVN87895771/index.html

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 7, 2022
Vulnerability Reserved
Nov 20, 2022

CVE-2022-44608 Data

JSON