Lucene search

[email protected]CVE-2008-2276

HistoryMay 16, 2008 - 12:54 p.m.

CVE-2008-2276

2008-05-1612:54:00

CWE-352

[email protected]

web.nvd.nist.gov

cve-2008-2276

cross-site request forgery

csrf vulnerability

mantis 1.1.1

security

vulnerability

nvd

6.4 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

71.6%

JSON

Cross-site request forgery (CSRF) vulnerability in manage_user_create.php in Mantis 1.1.1 allows remote attackers to create new administrative users via a crafted link.

CPENameOperatorVersion
matisbt:mantismatisbt mantiseq1.1.1

CPE	Name	Operator	Version
matisbt:mantis	matisbt mantis	eq	1.1.1

References

marc.info/?l=bugtraq&m=121130774617956&w=4

secunia.com/advisories/30270

secunia.com/advisories/31171

secunia.com/advisories/31972

sourceforge.net/project/shownotes.php?group_id=14963&release_id=595025

www.gentoo.org/security/en/glsa/glsa-200809-10.xml

www.securityfocus.com/bid/29297

www.vupen.com/english/advisories/2008/1598/references

exchange.xforce.ibmcloud.com/vulnerabilities/42447

www.exploit-db.com/exploits/5657

www.redhat.com/archives/fedora-package-announce/2008-July/msg00801.html

www.redhat.com/archives/fedora-package-announce/2008-July/msg00813.html

6.4 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

71.6%

JSON

Related for CVE-2008-2276

securityvulns3 openvas8 prion1 seebug2 nessus5 packetstorm1 fedora2 exploitpack1 ubuntucve1 exploitdb1 gentoo1 freebsd1