Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3421

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-3421
Last Modified 02 Apr 2009 12:00:00
Published 31 Jul 2008 01:41:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3421

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in Blackboard Academic Suite 8.0.260.7 allow remote attackers to hijack the authentication of student users for requests that change configuration and enrollments via unspecified input to (1) update_module.jsp, (2) enroll_course.pl, and (3) unenroll.jsp.

Vulnerable Systems

Application

  • Blackboard Academic Suite 8.0.260.7


References

XF - blackboard-unspecified-csrf(43986)

SECTRACK - 1020559

SECUNIA - 31177

MISC - http://ceaseless.ws/bb-csrf/


Last Updated: 27 May 2016 10:48:12