Lucene search

[email protected]CVE-2008-2140

HistoryMay 12, 2008 - 5:20 p.m.

CVE-2008-2140

2008-05-1217:20:00

CWE-352

[email protected]

web.nvd.nist.gov

cve-2008-2140

csrf

vulnerability

rpath appliance platform agent

7.8 High

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

35.2%

JSON

Cross-site request forgery (CSRF) vulnerability in the rootpw plugin in rPath Appliance Platform Agent 2 and 3 allows remote attackers to reset the root password as the administrator via a crafted URL.

CPENameOperatorVersion
rpath:appliance_platform_agentrpath appliance platform agenteq3
rpath:appliance_platform_agentrpath appliance platform agenteq2

CPE	Name	Operator	Version
rpath:appliance_platform_agent	rpath appliance platform agent	eq	3
rpath:appliance_platform_agent	rpath appliance platform agent	eq	2

References

wiki.rpath.com/wiki/Advisories:rPSA-2008-0148

exchange.xforce.ibmcloud.com/vulnerabilities/42393

7.8 High

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

35.2%

JSON

Related for CVE-2008-2140

prion1 cvelist1