Lucene search
CertccCVELIST:CVE-2015-2878HistoryOct 23, 2017 - 6:00 p.m.
CVE-2015-2878
2017-10-2318:00:00
certcc
raw.githubusercontent.com
1
Multiple cross-site request forgery (CSRF) vulnerabilities in Hexis HawkEye G 3.0.1.4912 allow remote attackers to hijack the authentication of administrators for requests that (1) add arbitrary accounts via the name parameter to interface/rest/accounts/json; turn off the (2) Url matching, (3) DNS Inject, or (4) IP Redirect Sensor in a request to interface/rest/dpi/setEnabled/1; or (5) perform whitelisting of malware MD5 hash IDs via the id parameter to interface/rest/md5-threats/whitelist.
Related
securityvulns
securityvulns
Hawkeye-G v3.0.1.4912 CSRF Vulnerability CVE-2015-2878
2015-07-27 00:00:00
cve
cve
CVE-2015-2878
2017-10-23 18:29:00
packetstorm
packetstorm
Hawkeye-G 3.0.1.4912 Cross Site Request Forgery
2015-07-24 00:00:00
prion
prion
Cross site request forgery (csrf)
2017-10-23 18:29:00
exploitpack
exploitpack
Hawkeye-G 3.0.1.4912 - Cross-Site Request Forgery
2015-07-24 00:00:00
zdt
zdt
Hawkeye-G v3.0.1.4912 CSRF Vulnerability
2015-07-24 00:00:00
exploitdb
exploitdb
Hawkeye-G 3.0.1.4912 - Cross-Site Request Forgery
2015-07-24 00:00:00