GCVE - cpe:2.3:a:cybozu:cybozu_office:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:cybozu:cybozu_office:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Cybozu (`6c3c6c19-80d3-5353-ad46-e08ec1369448`)
Product	Cybozu Office (`0ca1c9fe-989b-54aa-86b6-fd6994c3d655`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2013-3656`	vulnerable	2026-06-03 14:33:08.190888	Details available Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL. Published: 2013-07-18T01:00:00.000Z Updated: 2024-08-06T16:14:56.583Z Open on db.gcve.eu Reference links http://jvn.jp/en/jp/JVN19491840/index.html http://products.cybozu.co.jp/office/ver9/download/update/fix910.html https://exchange.xforce.ibmcloud.com/vulnerabilities/85894 http://jvndb.jvn.jp/jvndb/JVNDB-2013-000069	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-3269`	vulnerable	2026-06-03 14:33:06.462851	Details available Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0 allows remote attackers to hijack the authentication of arbitrary users for requests that change mobile passwords, a different vulnerability than CVE-2013-2305. Published: 2013-04-25T10:00:00.000Z Updated: 2024-08-06T16:07:36.653Z Open on db.gcve.eu Reference links http://cs.cybozu.co.jp/information/20130415up11.php http://jvn.jp/en/jp/JVN06251813/index.html https://exchange.xforce.ibmcloud.com/vulnerabilities/83812 http://jvn.jp/en/jp/JVN06251813/374951/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2013-000034	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-2305`	vulnerable	2026-06-03 14:33:00.848801	Details available Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0, Cybozu Dezie before 8.0.7, and Cybozu Mailwise before 5.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that change passwords. Published: 2013-04-25T10:00:00.000Z Updated: 2024-09-16T16:18:26.375Z Open on db.gcve.eu Reference links http://cs.cybozu.co.jp/information/20130415up10.php http://jvn.jp/en/jp/JVN06251813/index.html http://jvn.jp/en/jp/JVN06251813/374951/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2013-000034	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-4490`	vulnerable	2026-06-03 14:27:42.948517	Details available Multiple directory traversal vulnerabilities in Cybozu Office before 6.6 Build 1.3 and Share 360 before 2.5 Build 0.3 allow remote authenticated users to read arbitrary files via a .. (dot dot) sequence via the id parameter in (1) scripts/cbag/ag.exe or (2) scripts/s360v2/s360.exe. Published: 2006-08-31T22:00:00.000Z Updated: 2024-08-07T19:14:47.296Z Open on db.gcve.eu Reference links http://www.osvdb.org/28261 http://secunia.com/advisories/21618 http://secunia.com/advisories/21623 http://jvn.jp/jp/JVN%2390420168/index.html http://cybozu.co.jp/products/dl/notice_060825/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.