Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4943

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2012-4943
Last Modified 25 Jun 2013 11:14:48
Published 18 Nov 2012 04:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4943

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to hijack the authentication of arbitrary users for requests that modify (1) passwords, (2) accounts, or (3) permissions.

Vulnerable Systems

Application

  • Agilefleet Fleetcommander 4.0

  • Agilefleet Fleetcommander Kiosk 4.0


References

CERT-VN - VU#427547

XF - fleetcommander-interface-csrf(79854)

BID - 56427


Last Updated: 27 May 2016 10:58:28