Cross site request forgery (csrf)

2009-08-1118:30:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

59.7%

JSON

Cross-site request forgery (CSRF) vulnerability in the WebGUI in FreeNAS before 0.7RC1 allows remote attackers to hijack the authentication of users for unspecified requests via unknown vectors.

CPENameOperatorVersion
freenaseq0.69.1
freenasle0.69.2

CPE	Name	Operator	Version
	freenas	eq	0.69.1
	freenas	le	0.69.2

References

jvn.jp/en/jp/JVN15267895/index.html

jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000053.html

www.freenas.org/index.php?option=com_frontpage&Itemid=22

www.ipa.go.jp/security/vuln/documents/2009/200908_freenas.html