Lucene search

[email protected]NVD:CVE-2008-1719

HistoryApr 10, 2008 - 7:05 p.m.

CVE-2008-1719

2008-04-1019:05:00

CWE-352

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

48.7%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in Nuke ET 3.2 and 3.4 allow remote attackers to perform actions as administrators, as demonstrated by inserting an XSS sequence into a document.

Affected configurations

Nvd

Node

truzonenuke_etMatch3.2

truzonenuke_etMatch3.4

VendorProductVersionCPE
truzonenuke_et3.2cpe:2.3:a:truzone:nuke_et:3.2:*:*:*:*:*:*:*
truzonenuke_et3.4cpe:2.3:a:truzone:nuke_et:3.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
truzone	nuke_et	3.2	cpe:2.3:a:truzone:nuke_et:3.2:::::::*
truzone	nuke_et	3.4	cpe:2.3:a:truzone:nuke_et:3.4:::::::*

References

secunia.com/advisories/29651

www.mrzayas.es/2008/04/07/xsrf-en-nuke-et-3x/

exchange.xforce.ibmcloud.com/vulnerabilities/41851

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

48.7%

JSON

Related for NVD:CVE-2008-1719

cvelist1 prion1 cve1