Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0336

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2014-0336
Last Modified 07 Mar 2014 02:19:02
Published 06 Mar 2014 06:55:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-0336

Summary

Cross-site request forgery (CSRF) vulnerability in the web client in Serena Dimensions CM 12.2 build 7.199.0 allows remote attackers to hijack the authentication of administrators for requests that use the user_new_master parameter to the adminconsole/ URI.

Vulnerable Systems

Application

  • Serena Dimensions Cm 12.2


References

CERT-VN - VU#823452


Last Updated: 27 May 2016 11:04:34