CVE-2011-2191

Опубликовано: 07 окт. 2011

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, as demonstrated by a crafted nickname field to vserver/apply.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cherokee-project:cherokee:*:*:*:*:*:*:*:*

Версия до 1.2.98 (включая)

cpe:2.3:a:cherokee-project:cherokee:0.3.0:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.0:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.1:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.2:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.3:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.4:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.5:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.6:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.7:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.8:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.9:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.10:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.11:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.12:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.13:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.14:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.15:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.16:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.17:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.18:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.19:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.20:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.21:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.22:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.23:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.24:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.25:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.26:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.27:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.28:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.29:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.4.30:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.5.0:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.5.1:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.5.2:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.5.3:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.5.4:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.5.5:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.5.6:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.6.0:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.6.1:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.7.0:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.7.1:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.7.2:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.8.0:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.8.1:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.9.0:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.9.1:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.9.2:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.9.3:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.9.4:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.10.0:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.10.1:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.11.0:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.11.1:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.11.2:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.11.3:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.11.4:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.11.5:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.11.6:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.98.0:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.98.1:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.0:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.1:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.2:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.3:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.4:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.5:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.6:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.07:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.8:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.9:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.10:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.11:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.12:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.13:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.14:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.15:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.16:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.17:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.18:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.19:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.20:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.21:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.22:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.23:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.24:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.25:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.26:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.27:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.28:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.29:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.30:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.31:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.32:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.33:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.34:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.35:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.36:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.37:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.38:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.39:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.40:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.41:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.42:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.43:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.44:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.45:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.46:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.47:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.48:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:0.99.49:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.4:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.6:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.7:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.8:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.9:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.10:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.11:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.12:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.13:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.14:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.15:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.16:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.17:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.18:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.19:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.0.20:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.2.0:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.2.1:*:*:*:*:*:*:*

cpe:2.3:a:cherokee-project:cherokee:1.2.2:*:*:*:*:*:*:*

EPSS

Процентиль: 69%

0.00592

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

CVE-2011-2191

ubuntu

около 14 лет назад

CVE-2011-2191

debian

около 14 лет назад

Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in C ...

GHSA-mfhm-xfg5-jwjm

github

больше 3 лет назад

EPSS

Процентиль: 69%

0.00592

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352