Lucene search

K
cve[email protected]CVE-2008-5382
HistoryDec 09, 2008 - 12:30 a.m.

CVE-2008-5382

2008-12-0900:30:00
CWE-352
web.nvd.nist.gov
24
cve-2008-5382
csrf
vulnerability
i-o data
hdl-f160
hdl-f250
hdl-f300
hdl-f320
firmware
remote attackers
configuration
delete files
authenticated user
nvd
security

6.6 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

59.6%

Cross-site request forgery (CSRF) vulnerability in I-O DATA DEVICE HDL-F160, HDL-F250, HDL-F300, and HDL-F320 firmware before 1.02 allows remote attackers to (1) change a configuration or (2) delete files as an authenticated user via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD
Node
i-o_datahlf-f160
OR
i-o_datahlf-f250
OR
i-o_datahlf-f300
OR
i-o_datahlf-f320

6.6 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

59.6%

Related for CVE-2008-5382