CVE-2017-5657

🗓️ 22 May 2017 18:00:00Reported by apacheType

Apache Archiva REST endpoints vulnerable to CSR

Reporter	Title	Published	Views	Family All 10
CNVD	Apache Archiva Cross-Site Request Forgery Vulnerability	23 May 201700:00	–	cnvd
Cvelist	CVE-2017-5657	22 May 201718:00	–	cvelist
EUVD	EUVD-2022-4130	3 Oct 202520:07	–	euvd
Github Security Blog	Apache Archiva vulnerable to Cross Site Request Forgery	14 May 202201:09	–	github
NVD	CVE-2017-5657	22 May 201718:29	–	nvd
OpenVAS	Apache Archiva < 2.2.3 CSRF Vulnerability	23 May 201700:00	–	openvas
OSV	CVE-2017-5657	22 May 201718:29	–	osv
OSV	GHSA-HF4P-MHC8-X2GP Apache Archiva vulnerable to Cross Site Request Forgery	14 May 202201:09	–	osv
Prion	Cross site request forgery (csrf)	22 May 201718:29	–	prion
Veracode	Cross-Site Request Forgery (CSRF)	22 May 201704:46	–	veracode

NVD

Vulners

Node

apache archivaRange≤2.2.1

[
  {
    "product": "Apache Archiva",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "1.x"
      },
      {
        "status": "affected",
        "version": "2.0.0, 2.0.1"
      },
      {
        "status": "affected",
        "version": "2.1.0, 2.1.1"
      },
      {
        "status": "affected",
        "version": "2.2.0, 2.2.1, 2.2.2"
      }
    ]
  }
]

Source	Link
securitytracker	www.securitytracker.com/id/1038528
lists	www.lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E
securityfocus	www.securityfocus.com/bid/98570
archiva	www.archiva.apache.org/security.html

13 May 2026 00:24Current

7.8High risk

Vulners AI Score7.8

CVSS 26

CVSS 38

EPSS0.00144

CWE-352