Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-28j4-qjc4-hx8v

Опубликовано: 17 мая 2022
Источник: github
Github: Не прошло ревью

Описание

Cross-site request forgery (CSRF) vulnerability in password-manager/changePasswords.do in BMC Identity Management Suite 7.5.00.103 allows remote attackers to hijack the authentication of administrators for requests that change passwords.

Cross-site request forgery (CSRF) vulnerability in password-manager/changePasswords.do in BMC Identity Management Suite 7.5.00.103 allows remote attackers to hijack the authentication of administrators for requests that change passwords.

EPSS

Процентиль: 43%
0.00202
Низкий

Дефекты

CWE-352

Связанные уязвимости

nvd
около 13 лет назад

Cross-site request forgery (CSRF) vulnerability in password-manager/changePasswords.do in BMC Identity Management Suite 7.5.00.103 allows remote attackers to hijack the authentication of administrators for requests that change passwords.

EPSS

Процентиль: 43%
0.00202
Низкий

Дефекты

CWE-352