Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2016-0891

🗓️ 20 Apr 2016 17:00:00Reported by dellType 
cve
 cve🔗 web.nvd.nist.gov👁 40 Views🌐 WEB

Multiple CSRF vulnerabilities in EMC ViPR SRM before 3.7 allow remote attackers to hijack admin authentication

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
0day.today		EMC ViPR SRM - Cross-Site Request Forgery
27 Apr 201600:00
zdt
Circl		CVE-2016-0891
27 Apr 201600:00
circl
CNVD		EMC ViPR SRM Cross-Site Request Forgery Vulnerability
20 Apr 201600:00
cnvd
Cvelist		CVE-2016-0891
20 Apr 201617:00
cvelist
Exploit DB		EMC ViPR SRM - Cross-Site Request Forgery
27 Apr 201600:00
exploitdb
EUVD		EUVD-2016-0902
7 Oct 202500:30
euvd
exploitpack		EMC ViPR SRM - Cross-Site Request Forgery
27 Apr 201600:00
exploitpack
NVD		CVE-2016-0891
20 Apr 201617:59
nvd
Packet Storm		EMC ViPR SRM Cross Site Request Forgery
27 Apr 201600:00
packetstorm
Prion		Cross site request forgery (csrf)
20 Apr 201617:59
prion
Rows per page
NVD
Node
emcvipr_srmRange3.6.4
ParameterPositionPathDescriptionCWE
form-idrequest bodyAPG/admin/formCSRF vulnerability in admin form allowing forged requests to create/modify users when administrator is logged in.CWE-352
identrequest bodyAPG/admin/formCSRF vulnerability in admin form allowing forged requests to create/modify users when administrator is logged in.CWE-352
oldrequest bodyAPG/admin/formCSRF vulnerability in admin form allowing forged requests to create/modify users when administrator is logged in.CWE-352
namerequest bodyAPG/admin/formCSRF vulnerability in admin form allowing forged requests to create/modify users when administrator is logged in.CWE-352
passwordrequest bodyAPG/admin/formCSRF vulnerability in admin form allowing forged requests to create/modify users when administrator is logged in.CWE-352
confirmrequest bodyAPG/admin/formCSRF vulnerability in admin form allowing forged requests to create/modify users when administrator is logged in.CWE-352
titlerequest bodyAPG/admin/formCSRF vulnerability in admin form allowing forged requests to create/modify users when administrator is logged in.CWE-352
first-namerequest bodyAPG/admin/formCSRF vulnerability in admin form allowing forged requests to create/modify users when administrator is logged in.CWE-352
last-namerequest bodyAPG/admin/formCSRF vulnerability in admin form allowing forged requests to create/modify users when administrator is logged in.CWE-352
emailrequest bodyAPG/admin/formCSRF vulnerability in admin form allowing forged requests to create/modify users when administrator is logged in.CWE-352
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
06 May 2026 22:30Current
9High risk
Vulners AI Score9
CVSS 26.8
CVSS 38.8
EPSS0.03087
CWE-352
emcvipr srmcsrfvulnerabilityremote attackersadmin authentication
40