Lucene search

[email protected]NVD:CVE-2008-3421

HistoryJul 31, 2008 - 5:41 p.m.

CVE-2008-3421

2008-07-3117:41:00

CWE-352

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

7.3

Confidence

Low

EPSS

0.001

Percentile

50.6%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in Blackboard Academic Suite 8.0.260.7 allow remote attackers to hijack the authentication of student users for requests that change configuration and enrollments via unspecified input to (1) update_module.jsp, (2) enroll_course.pl, and (3) unenroll.jsp.

Affected configurations

Nvd

Node

blackboardblackboard_academic_suiteMatch8.0.260.7

VendorProductVersionCPE
blackboardblackboard_academic_suite8.0.260.7cpe:2.3:a:blackboard:blackboard_academic_suite:8.0.260.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
blackboard	blackboard_academic_suite	8.0.260.7	cpe:2.3:a:blackboard:blackboard_academic_suite:8.0.260.7:::::::*

References

ceaseless.ws/bb-csrf/

secunia.com/advisories/31177

www.securitytracker.com/id?1020559

exchange.xforce.ibmcloud.com/vulnerabilities/43986

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

7.3

Confidence

Low

EPSS

0.001

Percentile

50.6%

JSON

Related for NVD:CVE-2008-3421

cve1 cvelist1 prion1