EUVD-2012-6346

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Cross-site request forgery vulnerability in Rapid7 Nexpose allows remote attackers to hijack authentication.

Reporter	Title	Published	Views	Family All 11
0day.today	Nexpose Security Console CSRF Vulnerability	6 Jan 201300:00	–	zdt
Circl	CVE-2012-6493	6 Jan 201300:00	–	circl
CVE	CVE-2012-6493	4 Feb 201417:00	–	cve
Cvelist	CVE-2012-6493	4 Feb 201417:00	–	cvelist
Exploit DB	Nexpose Security Console - Cross-Site Request Forgery	6 Jan 201300:00	–	exploitdb
exploitpack	Nexpose Security Console - Cross-Site Request Forgery	6 Jan 201300:00	–	exploitpack
NVD	CVE-2012-6493	4 Feb 201422:55	–	nvd
Packet Storm	Nexpose Security Console Cross Site Request Forgery	5 Jan 201300:00	–	packetstorm
Prion	Cross site request forgery (csrf)	4 Feb 201422:55	–	prion
securityvulns	CVE-2012-6493 - Nexpose Security Console - Cross-Site Request Forgery (CSRF)	5 Jan 201300:00	–	securityvulns

[
  {
    "enisaIdVendor": [
      {
        "id": "d0dfd920-be58-392f-a37a-a595381766fd",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "74a76bd8-32be-3330-becf-7e33303ca131",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/cve/CVE-2012-6493
exploit-db	www.exploit-db.com/exploits/23924
osvdb	www.osvdb.org/88923
archives	www.archives.neohapsis.com/archives/bugtraq/2013-01/0014.html
community	www.community.rapid7.com/docs/DOC-2155
packetstormsecurity	www.packetstormsecurity.com/files/119260/Nexpose-Security-Console-Cross-Site-Request-Forgery.html
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.2Medium risk

Vulners AI Score6.2

CVSS 26.8

EPSS0.00385