Cybozu Remote Service Manager
By the Year
In 2023 there have been 1 vulnerability in Cybozu Remote Service Manager with an average score of 6.5 out of ten. Remote Service Manager did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2023 as compared to last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2023 | 1 | 6.50 |
2022 | 0 | 0.00 |
2021 | 13 | 6.02 |
2020 | 0 | 0.00 |
2019 | 2 | 7.65 |
2018 | 0 | 0.00 |
It may take a day or so for new Remote Service Manager vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Cybozu Remote Service Manager Security Vulnerabilities
Path traversal vulnerability in Importing Mobile Device Data of Cybozu Remote Service 3.1.2
CVE-2022-26838
6.5 - Medium
- August 03, 2023
Path traversal vulnerability in Importing Mobile Device Data of Cybozu Remote Service 3.1.2 allows a remote authenticated attacker to cause a denial-of-service (DoS) condition.
Directory traversal
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.0.0 to 3.1.9
CVE-2021-20807
6.1 - Medium
- October 13, 2021
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.0.0 to 3.1.9 allows a remote attacker to inject an arbitrary script via unspecified vectors.
XSS
Open redirect vulnerability in Cybozu Remote Service 3.0.0 to 3.1.9
CVE-2021-20806
6.1 - Medium
- October 13, 2021
Open redirect vulnerability in Cybozu Remote Service 3.0.0 to 3.1.9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Open Redirect
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.7 to 3.1.9
CVE-2021-20805
5.4 - Medium
- October 13, 2021
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.7 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
XSS
Cybozu Remote Service 3.1.8 to 3.1.9
CVE-2021-20804
6.5 - Medium
- October 13, 2021
Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to cause a denial of service (DoS) condition via unspecified vectors.
Operation restriction bypass in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9
CVE-2021-20803
5.4 - Medium
- October 13, 2021
Operation restriction bypass in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to alter the data of the management screen.
AuthZ
HTTP header injection vulnerability in Cybozu Remote Service 3.1.8 to 3.1.9
CVE-2021-20802
5.3 - Medium
- October 13, 2021
HTTP header injection vulnerability in Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to alter the information stored in the product.
Injection
Cybozu Remote Service 3.1.8 to 3.1.9
CVE-2021-20801
6.5 - Medium
- October 13, 2021
Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to conduct XML External Entity (XXE) attacks and obtain the information stored in the product via unspecified vectors. This issue occurs only when using Mozilla Firefox.
XXE
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8
CVE-2021-20800
5.4 - Medium
- October 13, 2021
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
XSS
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9
CVE-2021-20799
5.4 - Medium
- October 13, 2021
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
XSS
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9
CVE-2021-20798
5.4 - Medium
- October 13, 2021
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
XSS
Cross-site script inclusion vulnerability in the management screen of Cybozu Remote Service 3.1.8
CVE-2021-20797
5.4 - Medium
- October 13, 2021
Cross-site script inclusion vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to obtain the information stored in the product. This issue occurs only when using Mozilla Firefox.
XSS
Directory traversal vulnerability in the management screen of Cybozu Remote Service 3.1.8
CVE-2021-20796
6.5 - Medium
- October 13, 2021
Directory traversal vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to upload an arbitrary file via unspecified vectors.
Directory traversal
Cross-site request forgery (CSRF) vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9
CVE-2021-20795
8.8 - High
- October 13, 2021
Cross-site request forgery (CSRF) vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to hijack the authentication of administrators and unintended operations may be performed via unspecified vectors.
Session Riding
Cybozu Remote Service 3.0.0 to 3.1.0
CVE-2018-16169
8.8 - High
- January 09, 2019
Cybozu Remote Service 3.0.0 to 3.1.0 allows remote authenticated attackers to upload and execute Java code file on the server via unspecified vectors.
Unrestricted File Upload
Improper countermeasure against clickjacking attack in client certificates management screen was discovered in Cybozu Remote Service 3.0.0 to 3.1.8
CVE-2018-16172
6.5 - Medium
- January 09, 2019
Improper countermeasure against clickjacking attack in client certificates management screen was discovered in Cybozu Remote Service 3.0.0 to 3.1.8, that allows remote attackers to trick a user to delete the registered client certificate.
Clickjacking
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Cybozu Remote Service Manager or by Cybozu? Click the Watch button to subscribe.
