Описание
Multiple cross-site request forgery (CSRF) vulnerabilities in the Multisite GUI in Check_MK before 1.2.5i2 allow remote attackers to hijack the authentication of users for requests that (1) upload arbitrary snapshots, (2) delete arbitrary files, or possibly have other unspecified impact via unknown vectors.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| esm-apps/xenial | not-affected | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [1.2.2p3-1]] |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| trusty | not-affected | 1.2.2p3-1 |
| trusty/esm | DNE | trusty was not-affected [1.2.2p3-1] |
| upstream | released | 1.2.2p3-1 |
| vivid | not-affected | |
| vivid/stable-phone-overlay | DNE |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Multiple cross-site request forgery (CSRF) vulnerabilities in the Multisite GUI in Check_MK before 1.2.5i2 allow remote attackers to hijack the authentication of users for requests that (1) upload arbitrary snapshots, (2) delete arbitrary files, or possibly have other unspecified impact via unknown vectors.
Multiple cross-site request forgery (CSRF) vulnerabilities in the Mult ...
Multiple cross-site request forgery (CSRF) vulnerabilities in the Multisite GUI in Check_MK before 1.2.5i2 allow remote attackers to hijack the authentication of users for requests that (1) upload arbitrary snapshots, (2) delete arbitrary files, or possibly have other unspecified impact via unknown vectors.
EPSS
6.8 Medium
CVSS2