Lucene search
HistoryNov 04, 2014 - 3:55 p.m.
CVE-2013-7057
cve-2013-7057
cross-site request forgery
csrf vulnerability
axway securetransport
security vulnerability
file upload vulnerability
7.3 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
80.3%
Cross-site request forgery (CSRF) vulnerability in Axway SecureTransport 5.1 SP2 and earlier allows remote attackers to hijack the authentication of unspecified users for requests that upload arbitrary files via a crafted request to api/v1.0/files/.
| CPE | Name | Operator | Version |
|---|---|---|---|
| axway:securetransport | axway securetransport | le | 5.1 |
Related
prion
prion
Cross site request forgery (csrf)
2014-11-04 15:55:00
zdt
zdt
Axway Secure Transport 5.1 SP2 - Arbitary File Upload via CSRF
2014-10-28 00:00:00
cvelist
cvelist
CVE-2013-7057
2014-11-04 15:00:00
exploitpack
exploitpack
seebug
seebug
Axway Secure Transport 5.1 SP2 - Arbitary File Upload via CSRF
2014-11-13 00:00:00
exploitdb
exploitdb
7.3 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
80.3%
Related for CVE-2013-7057