Описание
Insufficient Cross-Site Request Forgery (XSRF) protection on Expedition Migration Tool allows remote unauthenticated attackers to hijack the authentication of administrators and to perform actions on the Expedition Migration Tool. This issue affects Expedition Migration Tool 1.1.51 and earlier versions.
Ссылки
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
Уязвимые конфигурации
EPSS
7.5 High
CVSS3
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
Связанные уязвимости
Insufficient Cross-Site Request Forgery (XSRF) protection on Expedition Migration Tool allows remote unauthenticated attackers to hijack the authentication of administrators and to perform actions on the Expedition Migration Tool. This issue affects Expedition Migration Tool 1.1.51 and earlier versions.
Уязвимость инструмента миграции конфигурации The Expedition Migration tool, связанная с подделкой межсайтовых запросов, позволяющая нарушителю подменить пользователя в ходе сессии и выполнить произвольный код
EPSS
7.5 High
CVSS3
8.8 High
CVSS3
6.8 Medium
CVSS2