CVE-2014-0026

Опубликовано: 11 июл. 2014

Источник: redhat

CVSS2: 4.3

Описание

katello-headpin is vulnerable to CSRF in REST API

Отчет

This issue affects the versions of katello-headpin as shipped with Red Hat Subscription Asset Manager 1. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Subscription Asset Manager	katello-headpin	Affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-352

https://bugzilla.redhat.com/show_bug.cgi?id=1059432katello-headpin: CSRF in REST API

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2014-0026

CVSS3: 6.5

nvd

около 6 лет назад

katello-headpin is vulnerable to CSRF in REST API

GHSA-j4p5-f3gj-6jw2

github

больше 3 лет назад

katello-headpin is vulnerable to CSRF in REST API

4.3 Medium

CVSS2