Lucene search

K
cve[email protected]CVE-2014-1211
HistoryJan 17, 2014 - 9:55 p.m.

CVE-2014-1211

2014-01-1721:55:19
CWE-352
web.nvd.nist.gov
19
cve
2014
1211
cross-site request forgery
csrf
vulnerability
vmware
vcloud director
authentication

7.2 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

55.8%

Cross-site request forgery (CSRF) vulnerability in VMware vCloud Director 5.1.x before 5.1.3 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger a logout.

Affected configurations

NVD
Node
vmwarevcloud_directorMatch5.1.0
OR
vmwarevcloud_directorMatch5.1.1
OR
vmwarevcloud_directorMatch5.1.2

7.2 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

55.8%