CVE-2010-2113

Sažetak

Multiple cross-site request forgery (CSRF) vulnerabilities in The Uniform Server 5.6.5 allow remote attackers to hijack the authentication of administrators for requests that change passwords via (1) apsetup.php, (2) psetup.php, (3) sslpsetup.php, or (4) mqsetup.php.

Reference

http://cross-site-scripting.blogspot.com/2010/05/uniform-server-565-xsrf.html
http://osvdb.org/64858
http://secunia.com/advisories/39913
https://exchange.xforce.ibmcloud.com/vulnerabilities/58844

CVSS

Base:	3.5
Impact:	2.9
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:S/C:N/I:P/A:N

Zadnje važnije ažuriranje

17-08-2017 - 01:32

Objavljeno

28-05-2010 - 20:30