Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-4079

Опубликовано: 25 нояб. 2009
Источник: nvd
CVSS2: 6.8
EPSS Низкий

Описание

Cross-site request forgery (CSRF) vulnerability in Redmine 0.8.5 and earlier allows remote attackers to hijack the authentication of users for requests that delete a ticket via unspecified vectors.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redmine:redmine:*:*:*:*:*:*:*:*
Версия до 0.8.5 (включая)
cpe:2.3:a:redmine:redmine:0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.2.1:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.2.2:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.4.2:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.6.4:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.7.0:rc1:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.7.4:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.8.0:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.8.0:rc1:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.8.1:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.8.2:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.8.3:*:*:*:*:*:*:*
cpe:2.3:a:redmine:redmine:0.8.4:*:*:*:*:*:*:*

EPSS

Процентиль: 50%
0.00269
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

ubuntu логотип

CVE-2009-4079

ubuntu
около 16 лет назад

Cross-site request forgery (CSRF) vulnerability in Redmine 0.8.5 and earlier allows remote attackers to hijack the authentication of users for requests that delete a ticket via unspecified vectors.

debian логотип

CVE-2009-4079

debian
около 16 лет назад

Cross-site request forgery (CSRF) vulnerability in Redmine 0.8.5 and e ...

github логотип

GHSA-rm8f-p7g6-p8p4

github
почти 4 года назад

Cross-site request forgery (CSRF) vulnerability in Redmine 0.8.5 and earlier allows remote attackers to hijack the authentication of users for requests that delete a ticket via unspecified vectors.

EPSS

Процентиль: 50%
0.00269
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352