CVE-2019-6022
MEDIUM WAF: High
CVSS 6.5
Published: 2019-12-26
CWE-22
Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to alter arbitrary files via the 'Customapp' function.
WAF Coverage Analysis
Path Traversal
High WAF Coverage
OWASP: A01:2021 Broken Access Control
930xxx - Local File Inclusion
Affected Software
| Vendor | Product | Version |
|---|---|---|
| cybozu | office | 10.0.0 - 10.8.3 |
References
- jvn.jp (Third Party Advisory, VDB Entry)
- kb.cybozu.support (Vendor Advisory)