Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-2692

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2013-2692
Last Modified 14 May 2014 02:04:39
Published 13 May 2014 10:55:09
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2013-2692

Summary

Cross-site request forgery (CSRF) vulnerability in the Admin web interface in OpenVPN Access Server before 1.8.5 allows remote attackers to hijack the authentication of administrators for requests that create administrative users.

Vulnerable Systems

Application

  • Openvpn Access Server 1.8.4


References

SECUNIA - 52802

OSVDB - 93111

CONFIRM - http://openvpn.net/index.php/access-server/download-openvpn-as-sw/531-release-notes-v185.html


Last Updated: 27 May 2016 10:50:04