Lucene search
HistoryOct 02, 2014 - 2:55 p.m.
CVE-2014-7158
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.005
Percentile
76.6%
Cross-site request forgery (CSRF) vulnerability in Exinda WAN Optimization Suite 7.0.0 (2160) allows remote attackers to hijack the authentication of administrators for requests that change the admin password via a request to admin/launch.
Affected configurations
Node
exindawan_optimization_suiteMatch7.0.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| exinda | wan_optimization_suite | 7.0.0 | cpe:2.3:a:exinda:wan_optimization_suite:7.0.0:*:*:*:*:*:*:* |
Related
prion
prion
Cross site request forgery (csrf)
2014-10-02 14:55:00
cvelist
cvelist
CVE-2014-7158
2014-10-02 14:00:00
cve
cve
CVE-2014-7158
2014-10-02 14:55:05
zdt
zdt
Exinda WAN Optimization Suite 7.0.0 CSRF / XSS Vulnerabilities
2014-09-28 00:00:00
packetstorm
packetstorm
Exinda WAN Optimization Suite 7.0.0 CSRF / XSS
2014-09-27 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.005
Percentile
76.6%
Related for NVD:CVE-2014-7158