Lucene search
HistoryOct 28, 2015 - 10:59 a.m.
CVE-2015-6493
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.001
Percentile
46.6%
Cross-site request forgery (CSRF) vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x through 2.6.0 build 430 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
Affected configurations
Node
infinite_automation_systemsmango_automationMatch2.5.0
ORinfinite_automation_systemsmango_automationMatch2.5.5
ORinfinite_automation_systemsmango_automationMatch2.6.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| infinite_automation_systems | mango_automation | 2.5.0 | cpe:2.3:a:infinite_automation_systems:mango_automation:2.5.0:*:*:*:*:*:*:* |
| infinite_automation_systems | mango_automation | 2.5.5 | cpe:2.3:a:infinite_automation_systems:mango_automation:2.5.5:*:*:*:*:*:*:* |
| infinite_automation_systems | mango_automation | 2.6.0 | cpe:2.3:a:infinite_automation_systems:mango_automation:2.6.0:*:*:*:*:*:*:* |
Related
zeroscience
zeroscience
Mango Automation 2.6.0 CSRF Add Admin Exploit
2015-09-26 00:00:00
cve
cve
CVE-2015-6493
2015-10-28 10:59:15
prion
prion
Cross site request forgery (csrf)
2015-10-28 10:59:00
cvelist
cvelist
CVE-2015-6493
2015-10-28 10:00:00
ics
ics
Infinite Automation Systems Mango Automation Vulnerabilities (Update A)
2018-08-27 12:00:00
exploitdb
exploitdb
Mango Automation 2.6.0 - Multiple Vulnerabilities
2015-09-28 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.001
Percentile
46.6%
Related for NVD:CVE-2015-6493