CVE-2023-27304: Auth Bypass in Garoon Message/Bulletin (4.6.05.9.2)
CVE-2023-27304 Published on May 23, 2023
Operation restriction bypass vulnerability in Message and Bulletin of Cybozu Garoon 4.6.0 to 5.9.2 allows a remote authenticated attacker to alter the data of Message and/or Bulletin.
Weakness Type
What is an AuthZ Vulnerability?
The software does not perform an authorization check when an actor attempts to access a resource or perform an action.
CVE-2023-27304 has been classified to as an AuthZ vulnerability or weakness.
Products Associated with CVE-2023-27304
Want to know whenever a new CVE is published for Cybozu Garoon? stack.watch will email you.
Affected Versions
Cybozu, Inc. Cybozu Garoon Version 4.6.0 to 5.9.2 is affected by CVE-2023-27304Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.