Cybozu: >> Remote Service Manager Security Vulnerabilities
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-10-13
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-10-13
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-10-13
Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to conduct XML External Entity (XXE) attacks and obtain the information stored in the product via unspecified vectors. This issue occurs only when using Mozilla Firefox.
CVSS Score
6.5
EPSS Score
0.005
Published
2021-10-13
Cybozu Remote Service 3.0.0 to 3.1.0 allows remote authenticated attackers to upload and execute Java code file on the server via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.009
Published
2019-01-09
Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3.1.8 for Windows allows remote authenticated attackers to read arbitrary files via unspecified vectors.
CVSS Score
8.1
EPSS Score
0.006
Published
2019-01-09
Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3.1.8 allows remote attackers to execute Java code file on the server via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.01
Published
2019-01-09
Improper countermeasure against clickjacking attack in client certificates management screen was discovered in Cybozu Remote Service 3.0.0 to 3.1.8, that allows remote attackers to trick a user to delete the registered client certificate.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-01-09
Remote Service Manager 3.0.0 to 3.1.4 fails to verify client certificates, which may allow remote attackers to gain access to systems on the network.
CVSS Score
4.2
EPSS Score
0.001
Published
2017-04-28
Algorithmic complexity vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x through 3.1.2 allows remote attackers to cause a denial of service (CPU consumption) via vectors that trigger colliding hash-table keys. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1983.
CVSS Score
7.8
EPSS Score
0.005
Published
2015-02-01