Lucene search

[email protected]CVE-2011-1026

HistoryJun 02, 2011 - 8:55 p.m.

CVE-2011-1026

2011-06-0220:55:00

CWE-352

[email protected]

web.nvd.nist.gov

cve-2011-1026

csrf

apache archiva

vulnerability

nvd

7 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

52.8%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.0 through 1.2.2, and 1.3.x before 1.3.5, allow remote attackers to hijack the authentication of administrators.

CPENameOperatorVersion
apache:archivaapache archivaeq1.2.1
apache:archivaapache archivaeq1.3.3
apache:archivaapache archivaeq1.0.3
apache:archivaapache archivaeq1.1.4
apache:archivaapache archivaeq1.2
apache:archivaapache archivaeq1.2.2
apache:archivaapache archivaeq1.0
apache:archivaapache archivaeq1.1.3
apache:archivaapache archivaeq1.0.1
apache:archivaapache archivaeq1.3.4

CPE	Name	Operator	Version
apache:archiva	apache archiva	eq	1.2.1
apache:archiva	apache archiva	eq	1.3.3
apache:archiva	apache archiva	eq	1.0.3
apache:archiva	apache archiva	eq	1.1.4
apache:archiva	apache archiva	eq	1.2
apache:archiva	apache archiva	eq	1.2.2
apache:archiva	apache archiva	eq	1.0
apache:archiva	apache archiva	eq	1.1.3
apache:archiva	apache archiva	eq	1.0.1
apache:archiva	apache archiva	eq	1.3.4

Rows per page:

1-10 of 181

References

archiva.apache.org/docs/1.3.5/release-notes.html

archiva.apache.org/security.html

archives.neohapsis.com/archives/fulldisclosure/2011-05/0532.html

secunia.com/advisories/44693

securityreason.com/securityalert/8266

www.securityfocus.com/archive/1/518168/100/0/threaded

www.securityfocus.com/bid/48015

exchange.xforce.ibmcloud.com/vulnerabilities/67671

7 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

52.8%

JSON

Related for CVE-2011-1026

prion1 packetstorm3 securityvulns4 openvas1 nessus1