Lucene search
HistoryDec 09, 2013 - 4:55 p.m.
CVE-2013-5355
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.002
Percentile
52.7%
Multiple cross-site request forgery (CSRF) vulnerabilities in Sharetronix 3.1.1 allow remote attackers to hijack the authentication of administrators for requests that (1) change configuration settings or (2) create new administrative users via unspecified vectors.
Affected configurations
Node
sharetronixsharetronixMatch3.1.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sharetronix | sharetronix | 3.1.1 | cpe:2.3:a:sharetronix:sharetronix:3.1.1:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2013-5355
2013-12-09 16:00:00
prion
prion
Cross site request forgery (csrf)
2013-12-09 16:55:00
cve
cve
CVE-2013-5355
2013-12-09 16:55:09
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.002
Percentile
52.7%
Related for NVD:CVE-2013-5355