CVE-2015-5649 - OpenCVE

Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 mishandles authentication requests, which allows remote authenticated users to conduct LDAP injection attacks, and consequently bypass intended login restrictions or obtain sensitive information, by leveraging certain group-administration privileges.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Complete

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:S/C:C/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Cybozu	Garoon

Configuration 1 [-]

OR	cpe:2.3:a:cybozu:garoon:3.0.0:::::::*
	cpe:2.3:a:cybozu:garoon:3.0.1:::::::*
	cpe:2.3:a:cybozu:garoon:3.0.2:::::::*
	cpe:2.3:a:cybozu:garoon:3.0.3:::::::*
	cpe:2.3:a:cybozu:garoon:3.1.0:::::::*
	cpe:2.3:a:cybozu:garoon:3.1.1:::::::*
	cpe:2.3:a:cybozu:garoon:3.1.2:::::::*
	cpe:2.3:a:cybozu:garoon:3.1.3:::::::*
	cpe:2.3:a:cybozu:garoon:3.5.0:::::::*
	cpe:2.3:a:cybozu:garoon:3.5.1:::::::*
	cpe:2.3:a:cybozu:garoon:3.5.2:::::::*
	cpe:2.3:a:cybozu:garoon:3.5.3:::::::*
	cpe:2.3:a:cybozu:garoon:3.5.4:::::::*
	cpe:2.3:a:cybozu:garoon:3.5.5:::::::*
	cpe:2.3:a:cybozu:garoon:3.7:sp1::::::
	cpe:2.3:a:cybozu:garoon:3.7:sp2::::::
	cpe:2.3:a:cybozu:garoon:3.7:sp3::::::
	cpe:2.3:a:cybozu:garoon:3.7.0:::::::*
	cpe:2.3:a:cybozu:garoon:3.7.1:::::::*
	cpe:2.3:a:cybozu:garoon:3.7.2:::::::*
	cpe:2.3:a:cybozu:garoon:3.7.3:::::::*
	cpe:2.3:a:cybozu:garoon:4.0.0:::::::*
	cpe:2.3:a:cybozu:garoon:4.0.3:::::::*

References

Link	Resource
http://jvn.jp/en/jp/JVN38369032/index.html	Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000152	Vendor Advisory
https://support.cybozu.com/ja-jp/article/9176	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: jpcert

Published: 2015-10-08T20:00:00

Updated: 2015-10-08T20:57:01

Reserved: 2015-07-24T00:00:00

Link: CVE-2015-5649

JSON object: View

NVD Information

Status : Analyzed

Published: 2015-10-08T20:59:00.097

Modified: 2015-10-09T17:28:24.837

Link: CVE-2015-5649

JSON object: View

Redhat Information

No data.

CWE

CWE-287

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-10-07T00:00:00", "descriptions": [{"lang": "en", "value": "Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 mishandles authentication requests, which allows remote authenticated users to conduct LDAP injection attacks, and consequently bypass intended login restrictions or obtain sensitive information, by leveraging certain group-administration privileges."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2015-10-08T20:57:01", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert"}, "references": [{"name": "JVN#38369032", "tags": ["third-party-advisory", "x_refsource_JVN"], "url": "http://jvn.jp/en/jp/JVN38369032/index.html"}, {"name": "JVNDB-2015-000152", "tags": ["third-party-advisory", "x_refsource_JVNDB"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000152"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.cybozu.com/ja-jp/article/9176"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2015-5649", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 mishandles authentication requests, which allows remote authenticated users to conduct LDAP injection attacks, and consequently bypass intended login restrictions or obtain sensitive information, by leveraging certain group-administration privileges."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "JVN#38369032", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN38369032/index.html"}, {"name": "JVNDB-2015-000152", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000152"}, {"name": "https://support.cybozu.com/ja-jp/article/9176", "refsource": "CONFIRM", "url": "https://support.cybozu.com/ja-jp/article/9176"}]}}}}, "cveMetadata": {"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2015-5649", "datePublished": "2015-10-08T20:00:00", "dateReserved": "2015-07-24T00:00:00", "dateUpdated": "2015-10-08T20:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cybozu:garoon:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D3BB615D-E485-4ADE-B77D-FA9FB676DA4D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "18C7B082-06A5-4AC8-91D4-C6E2835AB286", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "CAF17D9A-4A2D-4F15-B377-AC6F6B2896AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "13F08BE5-2639-4581-A49C-854820B25763", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:3.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "56525E34-BC26-4833-938F-F157B77D82CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "5195BBDF-2153-4600-8308-110BE2A73816", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "921FEEAD-1C44-4E65-8912-102A31B3D0B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:3.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "9A70AA82-947D-49AC-9019-A1F06DF8ABBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:3.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F462AD2C-EF50-489D-99E0-EAA9D78D7D46", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:3.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "A69FAED9-AC11-4D20-885B-FFA04995F1F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:3.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "C3D36285-4AEF-4EE8-8737-10E3B89D3F1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:3.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "AB7D6AFF-BA89-4CCB-8F29-75592E3BA8FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:3.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "4F181B9E-3613-42D4-92FA-3AA54BB10785", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:3.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "D2014154-4685-4A48-AA69-02D0C1C78ED2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:3.7:sp1:*:*:*:*:*:*", "matchCriteriaId": "D0121310-1C8A-4F3E-9C0C-B8EA37907C7F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:3.7:sp2:*:*:*:*:*:*", "matchCriteriaId": "EE55E26D-AC2D-4384-97BC-090737F2D100", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:3.7:sp3:*:*:*:*:*:*", "matchCriteriaId": "B042AA50-E923-4C84-8A94-85479A59F652", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:3.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B681C16-60F7-46B5-BD26-25F7DC9F5F47", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:3.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "19694FDB-184D-4C09-BD72-BB7B96F6391D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:3.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "595FBCBB-BC3F-4E18-AFBE-C95108C4CB2F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:3.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "CD33E00A-5082-42F4-81F5-4647BD602D31", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "71CC4428-0CB4-497F-8274-52E6CC273D65", "vulnerable": true}, {"criteria": "cpe:2.3:a:cybozu:garoon:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "3A428CA3-8FAF-4DEB-8D95-5E76098E83B6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 mishandles authentication requests, which allows remote authenticated users to conduct LDAP injection attacks, and consequently bypass intended login restrictions or obtain sensitive information, by leveraging certain group-administration privileges."}, {"lang": "es", "value": "Cybozu Garoon 3.x hasta la versi\u00f3n 3.7.5 y 4.x hasta la versi\u00f3n 4.0.3, no maneja correctamente peticiones de autenticaci\u00f3n, lo que permite a usuarios remotos autenticados llevar a cabo ataques de inyecci\u00f3n LDAP y, consecuentemente, eludir las restricciones destinadas al inicio de sesi\u00f3n u obtener informaci\u00f3n sensible mediante el aprovechamiento de ciertos privilegios del grupo administraci\u00f3n."}], "id": "CVE-2015-5649", "lastModified": "2015-10-09T17:28:24.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 7.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:C/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 7.8, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-10-08T20:59:00.097", "references": [{"source": "vultures@jpcert.or.jp", "tags": ["Vendor Advisory"], "url": "http://jvn.jp/en/jp/JVN38369032/index.html"}, {"source": "vultures@jpcert.or.jp", "tags": ["Vendor Advisory"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000152"}, {"source": "vultures@jpcert.or.jp", "tags": ["Vendor Advisory"], "url": "https://support.cybozu.com/ja-jp/article/9176"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}