CVE-2010-2029
CVE-2010-2029
Cybozu Office 7 Ktai and Dotsales do not properly restrict access to the login page, which allows remote attackers to bypass authentication and obtain or modify sensitive information by using the unique ID of the user's cell phone.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://cybozu.co.jp/products/dl/notice/detail/0034.htmlhttp://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000016.htmlhttp://jvn.jp/en/jp/JVN87730223/index.htmlhttp://secunia.com/advisories/39508https://exchange.xforce.ibmcloud.com/vulnerabilities/57976http://www.ipa.go.jp/security/english/vuln/201004_cybozu_en.htmlhttp://www.osvdb.org/63933