Lucene search
HistoryDec 09, 2013 - 4:55 p.m.
CVE-2013-5355
cve-2013-5355
sharetronix
csrf
remote attackers
authentication
hijack
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
52.8%
Multiple cross-site request forgery (CSRF) vulnerabilities in Sharetronix 3.1.1 allow remote attackers to hijack the authentication of administrators for requests that (1) change configuration settings or (2) create new administrative users via unspecified vectors.
Affected configurations
Node
sharetronixsharetronixMatch3.1.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| sharetronix:sharetronix | sharetronix | eq | 3.1.1 |
Related
cvelist
cvelist
CVE-2013-5355
2013-12-09 16:00:00
prion
prion
Cross site request forgery (csrf)
2013-12-09 16:55:00
nvd
nvd
CVE-2013-5355
2013-12-09 16:55:09
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
52.8%
Related for CVE-2013-5355