Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3362

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2012-3362
Last Modified 26 Jul 2012 11:40:39
Published 12 Jul 2012 04:55:16
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-3362

Summary

Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 and earlier allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via an adduser admin action.

Vulnerable Systems

Application

  • Extplorer 2.1.0


References

MLIST - [oss-security] 20120627 Re: CVE request: CSRF in eXtplorer

MLIST - [oss-security] 20120626 Re: CVE request: CSRF in eXtplorer

MLIST - [oss-security] 20120624 Re: CVE request: CSRF in eXtplorer

MLIST - [oss-security] 20120624 CVE request: CSRF in eXtplorer

MISC - http://www.autosectools.com/Advisories/eXtplorer.2.1.RC3_Cross-site.Request.Forgery_174.html

DEBIAN - DSA-2510


Last Updated: 27 May 2016 10:54:58