GCVE - cpe:2.3:a:cybozu:remote_service_manager:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:cybozu:remote_service_manager:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Cybozu (`6c3c6c19-80d3-5353-ad46-e08ec1369448`)
Product	Remote Service Manager (`f089b882-8996-5ec3-a884-1626f0305453`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-20807`	vulnerable	2026-06-03 14:43:43.240995	Details available Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.0.0 to 3.1.9 allows a remote attacker to inject an arbitrary script via unspecified vectors. Published: 2021-10-13T08:31:06.000Z Updated: 2024-08-03T17:53:22.642Z Open on db.gcve.eu Reference links https://jvn.jp/en/jp/JVN52694228/index.html https://kb.cybozu.support/article/37430	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-20806`	vulnerable	2026-06-03 14:43:43.240676	Details available Open redirect vulnerability in Cybozu Remote Service 3.0.0 to 3.1.9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. Published: 2021-10-13T08:31:04.000Z Updated: 2024-08-03T17:53:22.509Z Open on db.gcve.eu Reference links https://jvn.jp/en/jp/JVN52694228/index.html https://kb.cybozu.support/article/37419	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-20805`	vulnerable	2026-06-03 14:43:43.240294	Details available Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.7 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. Published: 2021-10-13T08:31:03.000Z Updated: 2024-08-03T17:53:22.671Z Open on db.gcve.eu Reference links https://jvn.jp/en/jp/JVN52694228/index.html https://kb.cybozu.support/article/37431	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-16172`	vulnerable	2026-06-03 14:38:20.012962	Details available Improper countermeasure against clickjacking attack in client certificates management screen was discovered in Cybozu Remote Service 3.0.0 to 3.1.8, that allows remote attackers to trick a user to delete the registered client certificate. Published: 2019-01-09T22:00:00.000Z Updated: 2024-08-05T10:17:38.320Z Open on db.gcve.eu Reference links https://kb.cybozu.support/article/35260/ https://jvn.jp/en/jp/JVN23161885/index.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-16171`	vulnerable	2026-06-03 14:38:20.012649	Details available Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3.1.8 allows remote attackers to execute Java code file on the server via unspecified vectors. Published: 2019-01-09T22:00:00.000Z Updated: 2024-08-05T10:17:38.199Z Open on db.gcve.eu Reference links https://kb.cybozu.support/article/35259/ https://jvn.jp/en/jp/JVN23161885/index.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-16170`	vulnerable	2026-06-03 14:38:20.012302	Details available Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3.1.8 for Windows allows remote authenticated attackers to read arbitrary files via unspecified vectors. Published: 2019-01-09T22:00:00.000Z Updated: 2024-08-05T10:17:38.299Z Open on db.gcve.eu Reference links https://kb.cybozu.support/article/34301/ https://jvn.jp/en/jp/JVN23161885/index.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-16169`	vulnerable	2026-06-03 14:38:20.011873	Details available Cybozu Remote Service 3.0.0 to 3.1.0 allows remote authenticated attackers to upload and execute Java code file on the server via unspecified vectors. Published: 2019-01-09T22:00:00.000Z Updated: 2024-08-05T10:17:38.319Z Open on db.gcve.eu Reference links https://kb.cybozu.support/article/34311/ https://jvn.jp/en/jp/JVN23161885/index.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-1984`	vulnerable	2026-06-03 14:33:49.213478	Details available Session fixation vulnerability in the management screen in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote attackers to hijack web sessions via unspecified vectors. Published: 2014-04-19T19:00:00.000Z Updated: 2024-08-06T09:58:16.044Z Open on db.gcve.eu Reference links http://cs.cybozu.co.jp/information/20130317notice02.php http://jvndb.jvn.jp/jvndb/JVNDB-2014-000040 http://jvn.jp/en/jp/JVN00058727/index.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-1983`	vulnerable	2026-06-03 14:33:49.213058	Details available Unspecified vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote attackers to cause a denial of service (CPU consumption) via unknown vectors. Published: 2014-04-19T19:00:00.000Z Updated: 2024-08-06T09:58:15.600Z Open on db.gcve.eu Reference links http://jvn.jp/en/jp/JVN10319260/index.html http://cs.cybozu.co.jp/information/20130317notice01.php http://jvndb.jvn.jp/jvndb/JVNDB-2014-000039	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.