CVE-2014-2358

2014-10-19T01:55:00
ID CVE-2014-2358
Type cve
Reporter cve@mitre.org
Modified 2014-12-16T18:13:00

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative web interface in the proxy server on Fox-IT Fox DataDiode appliances before 1.7.2 allow remote attackers to hijack the authentication of administrators for requests that (1) create administrative users, (2) remove administrative users, or (3) change permissions.