Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2012-4431

Опубликовано: 19 дек. 2012
Источник: ubuntu
Приоритет: medium
CVSS2: 4.3

Описание

org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.

РелизСтатусПримечание
devel

not-affected

6.0.35-6
hardy

DNE

lucid

not-affected

6.0.24-2ubuntu1.11
oneiric

released

6.0.32-5ubuntu1.4
precise

released

6.0.35-1ubuntu3.2
quantal

released

6.0.35-5ubuntu0.1
raring

not-affected

6.0.35-6
upstream

released

6.0.35-6

Показывать по

РелизСтатусПримечание
devel

not-affected

7.0.34-0ubuntu1
hardy

DNE

lucid

DNE

oneiric

released

7.0.21-1ubuntu0.1
precise

released

7.0.26-1ubuntu1.2
quantal

released

7.0.30-0ubuntu1.1
raring

not-affected

7.0.34-0ubuntu1
upstream

released

7.0.28-4

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2012-4431

redhat
больше 12 лет назад

org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.

nvd логотип

CVE-2012-4431

nvd
больше 12 лет назад

org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.

debian логотип

CVE-2012-4431

debian
больше 12 лет назад

org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat ...

github логотип

GHSA-76vr-72mv-mf3q

github
около 3 лет назад

Cross-Site Request Forgery in Apache Tomcat

4.3 Medium

CVSS2