Cybozu Remote Service Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Cybozu Remote Service Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (22)
CVE-2018-16169 — CVSS 8.8 (high): Cybozu Remote Service 3.0.0 to 3.1.0 allows remote authenticated attackers to upload and execute Java code file on the server via…
CVE-2021-20795 — CVSS 8.8 (high): Cross-site request forgery (CSRF) vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker…
CVE-2018-16171 — CVSS 8.8 (high): Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3.1.8 allows remote attackers to execute Java code file on the server…
CVE-2018-16170 — CVSS 8.1 (high): Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3.1.8 for Windows allows remote authenticated attackers to read…
CVE-2014-1983 — CVSS 7.8 (high): Unspecified vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote attackers to cause a denial of…
CVE-2014-7266 — CVSS 7.8 (high): Algorithmic complexity vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x through 3.1.2 allows remote attackers to cause…
CVE-2014-1984 — CVSS 6.8 (medium): Session fixation vulnerability in the management screen in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote…
CVE-2022-26838 — CVSS 6.5 (medium): Path traversal vulnerability in Importing Mobile Device Data of Cybozu Remote Service 3.1.2 allows a remote authenticated attacker to cause…
CVE-2018-16172 — CVSS 6.5 (medium): Improper countermeasure against clickjacking attack in client certificates management screen was discovered in Cybozu Remote Service 3.0.0…
CVE-2021-20796 — CVSS 6.5 (medium): Directory traversal vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to upload…
CVE-2021-20801 — CVSS 6.5 (medium): Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to conduct XML External Entity (XXE) attacks and obtain the…
CVE-2021-20804 — CVSS 6.5 (medium): Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to cause a denial of service (DoS) condition via unspecified…
CVE-2021-20806 — CVSS 6.1 (medium): Open redirect vulnerability in Cybozu Remote Service 3.0.0 to 3.1.9 allows remote attackers to redirect users to arbitrary web sites and…
CVE-2021-20807 — CVSS 6.1 (medium): Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.0.0 to 3.1.9 allows a remote attacker to inject an…
CVE-2021-20803 — CVSS 5.4 (medium): Operation restriction bypass in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to…
CVE-2021-20799 — CVSS 5.4 (medium): Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker…
CVE-2021-20800 — CVSS 5.4 (medium): Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to inject…
CVE-2021-20797 — CVSS 5.4 (medium): Cross-site script inclusion vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to…
CVE-2021-20798 — CVSS 5.4 (medium): Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker…
CVE-2021-20805 — CVSS 5.4 (medium): Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.7 to 3.1.9 allows a remote authenticated attacker…
CVE-2021-20802 — CVSS 5.3 (medium): HTTP header injection vulnerability in Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to alter the information stored in the…
CVE-2016-7815 — CVSS 4.2 (medium): Remote Service Manager 3.0.0 to 3.1.4 fails to verify client certificates, which may allow remote attackers to gain access to systems on…