Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-1990

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2014-1990
Last Modified 21 Apr 2014 03:23:39
Published 19 Apr 2014 03:55:07
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-1990

Summary

Cross-site request forgery (CSRF) vulnerability in TopAccess (aka the web-based management utility) on TOSHIBA TEC e-Studio 232, 233, 282, and 283 devices allows remote attackers to hijack the authentication of administrators for requests that change passwords.

Vulnerable Systems


References

CONFIRM - http://www.toshibatec.co.jp/page.jsp?id=4224

JVNDB - JVNDB-2014-000038

JVN - JVN#13313061


Last Updated: 27 May 2016 11:05:02