Uncontrolled Resource Consumption Vulnerability in Cybozu Remote Service
CVE-2023-46278

6.5MEDIUM

Key Information:

Vendor: Cybozu
Status: Cybozu Remote Service
Vendor: CVE Published:; 1 November 2023

What is CVE-2023-46278?

An uncontrolled resource consumption vulnerability exists in Cybozu Remote Service versions 4.1.0 to 4.1.1. This issue can be exploited by a remote authenticated attacker, leading to excessive storage usage and significantly delayed communications. Proper security measures should be implemented to mitigate potential risks associated with this vulnerability.

Affected Version(s)

Cybozu Remote Service 4.1.0 to 4.1.1

References

https://cs.cybozu.co.jp/2023/010657.html

https://jvn.jp/en/jp/JVN94132951/

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 1, 2023
Vulnerability Reserved
Oct 20, 2023

CVE-2023-46278 Data

JSON