Lucene search
MitreCVE-2014-7158HistoryOct 02, 2014 - 2:55 p.m.
CVE-2014-7158
2014-10-0214:55:05
CWE-352
mitre
web.nvd.nist.gov
22
cve-2014-7158
cross-site request forgery
csrf
exinda wan optimization suite
security vulnerability
nvd
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.005
Percentile
76.6%
Cross-site request forgery (CSRF) vulnerability in Exinda WAN Optimization Suite 7.0.0 (2160) allows remote attackers to hijack the authentication of administrators for requests that change the admin password via a request to admin/launch.
Affected configurations
Node
exindawan_optimization_suiteMatch7.0.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| exinda | wan_optimization_suite | 7.0.0 | cpe:2.3:a:exinda:wan_optimization_suite:7.0.0:*:*:*:*:*:*:* |
Related
prion
prion
Cross site request forgery (csrf)
2014-10-02 14:55:00
cvelist
cvelist
CVE-2014-7158
2014-10-02 14:00:00
nvd
nvd
CVE-2014-7158
2014-10-02 14:55:05
zdt
zdt
Exinda WAN Optimization Suite 7.0.0 CSRF / XSS Vulnerabilities
2014-09-28 00:00:00
packetstorm
packetstorm
Exinda WAN Optimization Suite 7.0.0 CSRF / XSS
2014-09-27 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.005
Percentile
76.6%
Related for CVE-2014-7158