Lucene search
HistoryDec 23, 2013 - 10:55 p.m.
CVE-2013-4405
cve-2013-4405
cross-site request forgery
csrf
web interface
cumin
red hat enterprise
mrg grid 2.4
authentication hijacking
nvd
7.3 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
51.9%
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allow remote attackers to hijack the authentication of cumin users for unspecified requests.
| CPE | Name | Operator | Version |
|---|---|---|---|
| redhat:enterprise_mrg | redhat enterprise mrg | eq | 2.4 |
Related
veracode
veracode
Cross-site Request Forgery (CSRF)
2019-05-02 04:55:38
prion
prion
Cross site request forgery (csrf)
2013-12-23 22:55:00
redhat
redhat
(RHSA-2013:1851) Moderate: Red Hat Enterprise MRG Grid 2.4 security update
2013-12-17 00:00:00
(RHSA-2013:1852) Moderate: Red Hat Enterprise MRG Grid 2.4 security update
2013-12-17 00:00:00
nessus
nessus
RHEL 5 : MRG (RHSA-2013:1851)
2014-07-22 00:00:00
RHEL 6 : MRG (RHSA-2013:1852)
2014-07-22 00:00:00
7.3 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
51.9%
Related for CVE-2013-4405