exploitDog

CVE-2010-0153

Опубликовано: 14 сент. 2010

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Multiple cross-site request forgery (CSRF) vulnerabilities in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5.0.2 allow remote attackers to hijack the authentication of administrators for requests that (1) change settings or (2) conduct denial of service attacks.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:ibm:proventia_network_mail_security_system_virtual_appliance:*:*:*:*:*:*:*:*

Одно из

cpe:2.3:a:ibm:proventia_network_mail_security_system_virtual_appliance_firmware:1.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:proventia_network_mail_security_system_virtual_appliance_firmware:2.5:*:*:*:*:*:*:*

EPSS

Процентиль: 33%

0.0013

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-9w39-p67f-3c97

github

почти 4 года назад

Multiple cross-site request forgery (CSRF) vulnerabilities in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5.0.2 allow remote attackers to hijack the authentication of administrators for requests that (1) change settings or (2) conduct denial of service attacks.

EPSS

Процентиль: 33%

0.0013

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352