Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4002

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2012-4002
Last Modified 10 Apr 2013 11:30:31
Published 09 Oct 2012 07:55:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4002

Summary

Cross-site request forgery (CSRF) vulnerability in GLPI-PROJECT GLPI before 0.83.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Vulnerable Systems

Application

  • Glpi-project Glpi 0.20

  • Glpi-project Glpi 0.21

  • Glpi-project Glpi 0.30

  • Glpi-project Glpi 0.31

  • Glpi-project Glpi 0.40

  • Glpi-project Glpi 0.41

  • Glpi-project Glpi 0.42

  • Glpi-project Glpi 0.5

  • Glpi-project Glpi 0.51

  • Glpi-project Glpi 0.51a

  • Glpi-project Glpi 0.6

  • Glpi-project Glpi 0.65

  • Glpi-project Glpi 0.68

  • Glpi-project Glpi 0.68.1

  • Glpi-project Glpi 0.68.2

  • Glpi-project Glpi 0.68.3

  • Glpi-project Glpi 0.70

  • Glpi-project Glpi 0.70.1

  • Glpi-project Glpi 0.70.2

  • Glpi-project Glpi 0.71

  • Glpi-project Glpi 0.71.1

  • Glpi-project Glpi 0.71.2

  • Glpi-project Glpi 0.71.3

  • Glpi-project Glpi 0.71.4

  • Glpi-project Glpi 0.71.5

  • Glpi-project Glpi 0.71.6

  • Glpi-project Glpi 0.72

  • Glpi-project Glpi 0.72.1

  • Glpi-project Glpi 0.72.2

  • Glpi-project Glpi 0.72.3

  • Glpi-project Glpi 0.72.4

  • Glpi-project Glpi 0.78

  • Glpi-project Glpi 0.78.1

  • Glpi-project Glpi 0.78.2

  • Glpi-project Glpi 0.78.3

  • Glpi-project Glpi 0.78.4

  • Glpi-project Glpi 0.78.5

  • Glpi-project Glpi 0.80

  • Glpi-project Glpi 0.80.1

  • Glpi-project Glpi 0.80.2

  • Glpi-project Glpi 0.80.3

  • Glpi-project Glpi 0.80.4

  • Glpi-project Glpi 0.80.5

  • Glpi-project Glpi 0.80.6

  • Glpi-project Glpi 0.80.61

  • Glpi-project Glpi 0.80.7

  • Glpi-project Glpi 0.83

  • Glpi-project Glpi 0.83.1

  • Glpi-project Glpi 0.83.2


References

CONFIRM - https://forge.indepnet.net/projects/glpi/versions/771

CONFIRM - https://forge.indepnet.net/issues/3707

CONFIRM - https://forge.indepnet.net/issues/3704

MLIST - [oss-security] 20120712 GLPI 0.83.2 CVE-2012-4002 CSRF and CVE-2012-4003 XSS

MANDRIVA - MDVSA-2012:132


Last Updated: 27 May 2016 11:00:56