Lucene search

[email protected]CVE-2011-5316

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2011-5316

2022-10-0316:15:12

CWE-352

[email protected]

web.nvd.nist.gov

cve-2011-5316

csrf

vulnerability

cambio 0.5a nighttime

r37

admin/index.php

authentication

administrators

credentials

user save action

7.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

51.9%

JSON

Cross-site request forgery (CSRF) vulnerability in admin/index.php in Cambio 0.5a nightly r37 allows remote attackers to hijack the authentication of administrators for requests that modify credentials via a user save action.

Affected configurations

NVD

Node

cambio_projectcambioMatch0.5ar37nightly

CPENameOperatorVersion
cambio_project:cambiocambio project cambioeq0.5a

CPE	Name	Operator	Version
cambio_project:cambio	cambio project cambio	eq	0.5a

References

www.htbridge.com/advisory/HTB22768

7.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

51.9%

JSON

Related for CVE-2011-5316

nvd1 prion1 cvelist1