Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in the mail function leading to an alteration of the order of mail folders via unspecified vectors.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Garoon | Cybozu | 3.0.0 (including) | 3.0.0 (including) |
| Garoon | Cybozu | 3.0.1 (including) | 3.0.1 (including) |
| Garoon | Cybozu | 3.0.2 (including) | 3.0.2 (including) |
| Garoon | Cybozu | 3.0.3 (including) | 3.0.3 (including) |
| Garoon | Cybozu | 3.1.0 (including) | 3.1.0 (including) |
| Garoon | Cybozu | 3.1.1 (including) | 3.1.1 (including) |
| Garoon | Cybozu | 3.1.2 (including) | 3.1.2 (including) |
| Garoon | Cybozu | 3.1.3 (including) | 3.1.3 (including) |
| Garoon | Cybozu | 3.5.0 (including) | 3.5.0 (including) |
| Garoon | Cybozu | 3.5.1 (including) | 3.5.1 (including) |
| Garoon | Cybozu | 3.5.2 (including) | 3.5.2 (including) |
| Garoon | Cybozu | 3.5.3 (including) | 3.5.3 (including) |
| Garoon | Cybozu | 3.5.4 (including) | 3.5.4 (including) |
| Garoon | Cybozu | 3.5.5 (including) | 3.5.5 (including) |
| Garoon | Cybozu | 3.7.0 (including) | 3.7.0 (including) |
| Garoon | Cybozu | 3.7.1 (including) | 3.7.1 (including) |
| Garoon | Cybozu | 3.7.2 (including) | 3.7.2 (including) |
| Garoon | Cybozu | 3.7.3 (including) | 3.7.3 (including) |
| Garoon | Cybozu | 3.7.4 (including) | 3.7.4 (including) |
| Garoon | Cybozu | 3.7.5 (including) | 3.7.5 (including) |
| Garoon | Cybozu | 4.0.0 (including) | 4.0.0 (including) |
| Garoon | Cybozu | 4.0.1 (including) | 4.0.1 (including) |
| Garoon | Cybozu | 4.0.2 (including) | 4.0.2 (including) |
| Garoon | Cybozu | 4.0.3 (including) | 4.0.3 (including) |
| Garoon | Cybozu | 4.2.0 (including) | 4.2.0 (including) |
| Garoon | Cybozu | 4.2.1 (including) | 4.2.1 (including) |
| Garoon | Cybozu | 4.2.2 (including) | 4.2.2 (including) |
| Garoon | Cybozu | 4.2.3 (including) | 4.2.3 (including) |