cbcvebase.
CVE-2014-1996
published 2014-07-20

CVE-2014-1996: Cybozu Garoon 3.7 before SP4 allows remote authenticated users to bypass intended access restrictions, and execute arbitrary code or cause a denial of service…

PriorityP338high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
2.64%
83.7th percentile
Cybozu Garoon 3.7 before SP4 allows remote authenticated users to bypass intended access restrictions, and execute arbitrary code or cause a denial of service, via an API call.

Affected

9 ranges
VendorProductVersion rangeFixed in
cybozugaroon
cybozugaroon
linuxlinux_kernel>= 3.18.0 < 5.10.2485.10.248
linuxlinux_kernel>= 5.11.0 < 5.15.1985.15.198
linuxlinux_kernel>= 5.16.0 < 6.1.1606.1.160
linuxlinux_kernel>= 6.13.0 < 6.18.46.18.4
linuxlinux_kernel>= 6.2.0 < 6.6.1206.6.120
linuxlinux_kernel>= 6.2.0 < 6.2.116.2.11
linuxlinux_kernel>= 6.7.0 < 6.12.646.12.64

CVSS provenance

nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.1HIGH
vendor_redhat7.8HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.