Remote Service Manager
by Cybozu
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-7815 | Med | 0.27 | 4.2 | 0.00 | Apr 28, 2017 | Remote Service Manager 3.0.0 to 3.1.4 fails to verify client certificates, which may allow remote attackers to gain access to systems on the network. | ||
| CVE-2023-46278 | 0.00 | — | 0.01 | Oct 31, 2023 | Uncontrolled resource consumption vulnerability in Cybozu Remote Service 4.1.0 to 4.1.1 allows a remote authenticated attacker to consume huge storage space or cause significantly delayed communication. | |||
| CVE-2022-26838 | 0.00 | — | 0.01 | Aug 3, 2023 | Path traversal vulnerability in Importing Mobile Device Data of Cybozu Remote Service 3.1.2 allows a remote authenticated attacker to cause a denial-of-service (DoS) condition. | |||
| CVE-2022-44608 | 0.00 | — | 0.01 | Dec 7, 2022 | Uncontrolled resource consumption vulnerability in Cybozu Remote Service 4.0.0 to 4.0.3 allows a remote authenticated attacker to consume huge storage space, which may result in a denial-of-service (DoS) condition. | |||
| CVE-2018-16172 | 0.00 | — | 0.01 | Jan 9, 2019 | Improper countermeasure against clickjacking attack in client certificates management screen was discovered in Cybozu Remote Service 3.0.0 to 3.1.8, that allows remote attackers to trick a user to delete the registered client certificate. | |||
| CVE-2014-7266 | 0.00 | — | 0.02 | Feb 1, 2015 | Algorithmic complexity vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x through 3.1.2 allows remote attackers to cause a denial of service (CPU consumption) via vectors that trigger colliding hash-table keys. NOTE: this vulnerability exists because of an… | |||
| CVE-2014-1984 | 0.00 | — | 0.02 | Apr 19, 2014 | Session fixation vulnerability in the management screen in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote attackers to hijack web sessions via unspecified vectors. | |||
| CVE-2014-1983 | 0.00 | — | 0.02 | Apr 19, 2014 | Unspecified vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote attackers to cause a denial of service (CPU consumption) via unknown vectors. |
- risk 0.27cvss 4.2epss 0.00
Remote Service Manager 3.0.0 to 3.1.4 fails to verify client certificates, which may allow remote attackers to gain access to systems on the network.
- CVE-2023-46278Oct 31, 2023risk 0.00cvss —epss 0.01
Uncontrolled resource consumption vulnerability in Cybozu Remote Service 4.1.0 to 4.1.1 allows a remote authenticated attacker to consume huge storage space or cause significantly delayed communication.
- CVE-2022-26838Aug 3, 2023risk 0.00cvss —epss 0.01
Path traversal vulnerability in Importing Mobile Device Data of Cybozu Remote Service 3.1.2 allows a remote authenticated attacker to cause a denial-of-service (DoS) condition.
- CVE-2022-44608Dec 7, 2022risk 0.00cvss —epss 0.01
Uncontrolled resource consumption vulnerability in Cybozu Remote Service 4.0.0 to 4.0.3 allows a remote authenticated attacker to consume huge storage space, which may result in a denial-of-service (DoS) condition.
- CVE-2018-16172Jan 9, 2019risk 0.00cvss —epss 0.01
Improper countermeasure against clickjacking attack in client certificates management screen was discovered in Cybozu Remote Service 3.0.0 to 3.1.8, that allows remote attackers to trick a user to delete the registered client certificate.
- CVE-2014-7266Feb 1, 2015risk 0.00cvss —epss 0.02
Algorithmic complexity vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x through 3.1.2 allows remote attackers to cause a denial of service (CPU consumption) via vectors that trigger colliding hash-table keys. NOTE: this vulnerability exists because of an…
- CVE-2014-1984Apr 19, 2014risk 0.00cvss —epss 0.02
Session fixation vulnerability in the management screen in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote attackers to hijack web sessions via unspecified vectors.
- CVE-2014-1983Apr 19, 2014risk 0.00cvss —epss 0.02
Unspecified vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote attackers to cause a denial of service (CPU consumption) via unknown vectors.