← back
CVE-2024-31400

CVE-2024-31400

CVSS 6.5 MEDIUMEPSS 0.3%CWE-922
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.5EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
11 Jun 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.0. If this vulnerability is exploited, unintended data may be left in forwarded mail.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Affected products
Cybozu, Inc. · Cybozu Garoon

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://cs.cybozu.co.jp/2024/007901.htmlhttps://jvn.jp/en/jp/JVN28869536/