CVE-2016-4315 - CERT CVE
ID CVE-2016-4315
Sažetak Cross-site request forgery (CSRF) vulnerability in WSO2 Carbon 4.4.5 allows remote attackers to hijack the authentication of privileged users for requests that shutdown a server via a shutdown action to server-admin/proxy_ajaxprocessor.jsp.
Reference
CVSS
Base: 3.5
Impact: 2.9
Exploitability:6.8
Pristup
VektorSloženostAutentikacija
NETWORK MEDIUM SINGLE
Impact
PovjerljivostCjelovitostDostupnost
NONE NONE PARTIAL
CVSS vektor AV:N/AC:M/Au:S/C:N/I:N/A:P
Zadnje važnije ažuriranje 09-10-2018 - 20:00
Objavljeno 17-02-2017 - 02:59