ID |
CVE-2012-2959
|
Sažetak |
Cross-site request forgery (CSRF) vulnerability in password-manager/changePasswords.do in BMC Identity Management Suite 7.5.00.103 allows remote attackers to hijack the authentication of administrators for requests that change passwords. |
Reference |
|
CVSS |
Base: | 5.1 |
Impact: | 6.4 |
Exploitability: | 4.9 |
|
Pristup |
Vektor | Složenost | Autentikacija |
NETWORK |
HIGH |
NONE |
|
Impact |
Povjerljivost | Cjelovitost | Dostupnost |
PARTIAL |
PARTIAL |
PARTIAL |
|
CVSS vektor |
AV:N/AC:H/Au:N/C:P/I:P/A:P |
Zadnje važnije ažuriranje |
12-06-2012 - 04:00 |
Objavljeno |
11-06-2012 - 23:55 |