Sensitive Information Insertion Vulnerability in Garoon
CVE-2024-31404

Currently unrated

Key Information:

Vendor: Cybozu
Status: Cybozu Garoon
Vendor: CVE Published:; 11 June 2024

What is CVE-2024-31404?

A vulnerability in Cybozu Garoon versions 5.5.0 to 6.0.0 allows logged-in users to potentially access sensitive information intended to be private. This weakness is related to the improper handling of data within the Scheduler feature, which may expose confidential data to unauthorized users. Organizations using affected versions must take immediate action to mitigate this risk and safeguard sensitive information from unauthorized visibility.

Affected Version(s)

Cybozu Garoon 5.5.0 to 6.0.0

References

https://cs.cybozu.co.jp/2024/007901.html

https://jvn.jp/en/jp/JVN28869536/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 11, 2024
Vulnerability Reserved
Apr 3, 2024

CVE-2024-31404 Data

JSON