Cybozu: >> Remote Service Manager >> 3.0.1 Security Vulnerabilities
Open redirect vulnerability in Cybozu Remote Service 3.0.0 to 3.1.9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-10-13
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.0.0 to 3.1.9 allows a remote attacker to inject an arbitrary script via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-10-13
Cybozu Remote Service 3.0.0 to 3.1.0 allows remote authenticated attackers to upload and execute Java code file on the server via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.009
Published
2019-01-09
Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3.1.8 for Windows allows remote authenticated attackers to read arbitrary files via unspecified vectors.
CVSS Score
8.1
EPSS Score
0.006
Published
2019-01-09
Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3.1.8 allows remote attackers to execute Java code file on the server via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.01
Published
2019-01-09
Improper countermeasure against clickjacking attack in client certificates management screen was discovered in Cybozu Remote Service 3.0.0 to 3.1.8, that allows remote attackers to trick a user to delete the registered client certificate.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-01-09
Remote Service Manager 3.0.0 to 3.1.4 fails to verify client certificates, which may allow remote attackers to gain access to systems on the network.
CVSS Score
4.2
EPSS Score
0.001
Published
2017-04-28
Unspecified vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote attackers to cause a denial of service (CPU consumption) via unknown vectors.
CVSS Score
7.8
EPSS Score
0.012
Published
2014-04-19
Session fixation vulnerability in the management screen in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote attackers to hijack web sessions via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.006
Published
2014-04-19