Back to search
CVE-2021-20874
Published: Dec 24, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
Incorrect permission assignment for critical resource vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows a remote unauthenticated attacker to access arbitrary files on the server and obtain sensitive information via unspecified vectors.
| Vendor | Product | Versions |
|---|---|---|
Japan Total System Co.,Ltd. | GroupSession Free edition, GroupSession byCloud, GroupSession ZION | affected GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier |
References
https://groupsession.jp/info/info-news/security20211220
x_refsource_MISC
https://jvn.jp/en/jp/JVN79798166/index.html
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now