CVE-2009-0272

Sažetak

Cross-site request forgery (CSRF) vulnerability in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allows remote attackers to insert e-mail forwarding rules, and modify unspecified other configuration settings, as arbitrary users via unknown vectors.

Reference

http://secunia.com/advisories/33744
http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002319
http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-21
http://www.securityfocus.com/archive/1/500569/100/0/threaded

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

11-10-2018 - 21:01

Objavljeno

02-02-2009 - 22:30