Lucene search

[email protected]CVE-2014-2659

HistoryApr 22, 2014 - 2:23 p.m.

CVE-2014-2659

2014-04-2214:23:00

CWE-352

[email protected]

web.nvd.nist.gov

cve-2014-2659

csrf

vulnerability

papercut mf

papercut ng

admin ui

7.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

52.5%

JSON

Cross-site request forgery (CSRF) vulnerability in the admin UI in Papercut MF and NG before 14.1 (Build 26983) allows remote attackers to hijack the authentication of administrators via unspecified vectors.

CPENameOperatorVersion
papercut:papercut_ngpapercut papercut ngeq12.5
papercut:papercut_mfpapercut papercut mfeq13.5
papercut:papercut_ngpapercut papercut ngeq13.2
papercut:papercut_mfpapercut papercut mfeq12.2
papercut:papercut_mfpapercut papercut mfle14.1
papercut:papercut_mfpapercut papercut mfeq12.0
papercut:papercut_ngpapercut papercut ngle14.1
papercut:papercut_mfpapercut papercut mfeq13.3
papercut:papercut_ngpapercut papercut ngeq12.0
papercut:papercut_mfpapercut papercut mfeq12.1

CPE	Name	Operator	Version
papercut:papercut_ng	papercut papercut ng	eq	12.5
papercut:papercut_mf	papercut papercut mf	eq	13.5
papercut:papercut_ng	papercut papercut ng	eq	13.2
papercut:papercut_mf	papercut papercut mf	eq	12.2
papercut:papercut_mf	papercut papercut mf	le	14.1
papercut:papercut_mf	papercut papercut mf	eq	12.0
papercut:papercut_ng	papercut papercut ng	le	14.1
papercut:papercut_mf	papercut papercut mf	eq	13.3
papercut:papercut_ng	papercut papercut ng	eq	12.0
papercut:papercut_mf	papercut papercut mf	eq	12.1

Rows per page:

1-10 of 281

References

secunia.com/advisories/58037

www.papercut-mf.com/release-history/

www.papercut.com/release-history/

exchange.xforce.ibmcloud.com/vulnerabilities/92648

7.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

52.5%

JSON

Related for CVE-2014-2659

prion1 cvelist1 kaspersky1