Back to search
CVE-2015-5649
Published: Oct 8, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 mishandles authentication requests, which allows remote authenticated users to conduct LDAP injection attacks, and consequently bypass intended login restrictions or obtain sensitive information, by leveraging certain group-administration privileges.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
JVN#38369032
third-party-advisory
x_refsource_JVN
JVNDB-2015-000152
third-party-advisory
x_refsource_JVNDB
https://support.cybozu.com/ja-jp/article/9176
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now