exploitDog

CVE-2010-2268

Опубликовано: 15 июн. 2010

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Cross-site request forgery (CSRF) vulnerability in authcfg.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7 allows remote attackers to hijack the authentication of administrators for requests that create user accounts.

Ссылки

http://www.ioactive.com/pdfs/AccoriaWebServer.pdf
Exploit
http://www.kb.cert.org/vuls/id/245081
US Government Resource
http://www.ioactive.com/pdfs/AccoriaWebServer.pdf
Exploit
http://www.kb.cert.org/vuls/id/245081
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:accoria:rock_web_server:1.4.7:*:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00079

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-x286-r6h6-3gg7

github

больше 3 лет назад

Cross-site request forgery (CSRF) vulnerability in authcfg.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7 allows remote attackers to hijack the authentication of administrators for requests that create user accounts.

EPSS

Процентиль: 23%

0.00079

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352