Lucene search

[email protected]CVE-2014-8473

HistoryNov 04, 2014 - 8:55 p.m.

CVE-2014-8473

2014-11-0420:55:00

CWE-352

[email protected]

web.nvd.nist.gov

cve-2014-8473

cross-site request forgery

csrf

vulnerability

ca cloud service management

csm

nvd

7.2 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

70.4%

JSON

Cross-site request forgery (CSRF) vulnerability in CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CPENameOperatorVersion
ca:cloud_service_managementca cloud service managementle2014

CPE	Name	Operator	Version
ca:cloud_service_management	ca cloud service management	le	2014

References

www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20141103-01-security-notice-for-ca-cloud-service-management.aspx

www.securityfocus.com/bid/70925

www.securitytracker.com/id/1031214

exchange.xforce.ibmcloud.com/vulnerabilities/98536

7.2 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

70.4%

JSON

Related for CVE-2014-8473

prion1 securityvulns2