Lucene search

PRIOn knowledge basePRION:CVE-2008-2071

HistoryMay 12, 2008 - 4:20 p.m.

Cross site request forgery (csrf)

2008-05-1216:20:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

56.7%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in the WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allow remote attackers to perform unauthorized actions as cPanel administrators via requests to cpanel/whm/webmail and other unspecified vectors.

CPENameOperatorVersion
cpaneleq11.18
cpaneleq11.22
cpaneleq11.18.3
cpaneleq11.18.1
cpaneleq11.22.1
cpaneleq11.22.2
cpaneleq11.18.2

Name	Operator	Version
cpanel	eq	11.18
cpanel	eq	11.22
cpanel	eq	11.18.3
cpanel	eq	11.18.1
cpanel	eq	11.22.1
cpanel	eq	11.22.2
cpanel	eq	11.18.2

References

changelog.cpanel.net/?revision=0%3Btree=%3Btreeview=%3Bshow=html%3Bpp=25%3Bte=1314%3Bpg=2

lists.grok.org.uk/pipermail/full-disclosure/2008-May/062197.html

secunia.com/advisories/30166

securityreason.com/securityalert/3866

www.securityfocus.com/archive/1/491864/100/0/threaded

www.securityfocus.com/bid/29125

www.vupen.com/english/advisories/2008/1522/references

exchange.xforce.ibmcloud.com/vulnerabilities/42306

7.3 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

56.7%

JSON

Related for PRION:CVE-2008-2071