Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-7034

Опубликовано: 06 сент. 2016
Источник: redhat
CVSS3: 4.2
CVSS2: 4
EPSS Низкий

Описание

The dashbuilder in Red Hat JBoss BPM Suite 6.3.2 does not properly handle CSRF tokens generated during an active session and includes them in query strings, which makes easier for remote attackers to (1) bypass CSRF protection mechanisms or (2) conduct cross-site request forgery (CSRF) attacks by obtaining an old token.

It has been reported that CSRF tokens are not properly handled in JBoss BPM suite dashbuilder. Old tokens generated during an active session can be used to bypass CSRF protection. In addition, the tokens are sent in query string so they can be exposed through the browser's history, referrers, web logs, and other sources. Attackers may be able to obtain old tokens from various sources in the network and perform CSRF attacks successfully.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat BPM Suite 6dashbuilderAffected
Red Hat JBoss BRMS 6dashbuilderNot affected
Red Hat JBoss BPMS 6.4FixedRHSA-2017:055716.03.2017
Red Hat JBoss Data Virtualization 6.4dashbuilderFixedRHSA-2018:029613.02.2018

Показывать по

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-352
https://bugzilla.redhat.com/show_bug.cgi?id=1373347Dashbuilder: insecure handling of CSRF token

EPSS

Процентиль: 13%
0.00045
Низкий

4.2 Medium

CVSS3

4 Medium

CVSS2

Связанные уязвимости

CVSS3: 8.8
nvd
почти 9 лет назад

The dashbuilder in Red Hat JBoss BPM Suite 6.3.2 does not properly handle CSRF tokens generated during an active session and includes them in query strings, which makes easier for remote attackers to (1) bypass CSRF protection mechanisms or (2) conduct cross-site request forgery (CSRF) attacks by obtaining an old token.

CVSS3: 8.8
github
больше 3 лет назад

The dashbuilder in Red Hat JBoss BPM Suite 6.3.2 does not properly handle CSRF tokens generated during an active session and includes them in query strings, which makes easier for remote attackers to (1) bypass CSRF protection mechanisms or (2) conduct cross-site request forgery (CSRF) attacks by obtaining an old token.

EPSS

Процентиль: 13%
0.00045
Низкий

4.2 Medium

CVSS3

4 Medium

CVSS2