Lucene search
IcscertCVE-2015-6468HistorySep 26, 2015 - 1:59 a.m.
CVE-2015-6468
2015-09-2601:59:13
CWE-352
icscert
web.nvd.nist.gov
28
cve-2015-6468
cross-site request forgery
csrf vulnerability
resource data management data manager
nvd
authentication hijacking
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.001
Percentile
46.6%
Cross-site request forgery (CSRF) vulnerability in Resource Data Management Data Manager before 2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Affected configurations
Node
resource_data_management_data_managerdata_managerRange≤2.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| resource_data_management_data_manager | data_manager | * | cpe:2.3:a:resource_data_management_data_manager:data_manager:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2015-6468
2015-09-25 01:00:00
prion
prion
Cross site request forgery (csrf)
2015-09-26 01:59:00
nvd
nvd
CVE-2015-6468
2015-09-26 01:59:13
ics
ics
Resource Data Management Privilege Escalation Vulnerability
2018-08-27 12:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.001
Percentile
46.6%
Related for CVE-2015-6468