Cross site request forgery (csrf)

2014-06-1714:55:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

52.7%

JSON

Cross-site request forgery (CSRF) vulnerability in Hitachi Tuning Manager before 7.6.1-06 and 8.x before 8.0.0-04 and JP1/Performance Management - Manager Web Option 07-00 through 07-54 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CPENameOperatorVersion
jp1\\/performance_management-manager_web_optioneq7.0.0
jp1\\/performance_management-manager_web_optioneq7.0.0
jp1\\/performance_management-manager_web_optioneq7.0.54
jp1\\/performance_management-manager_web_optioneq7.0.54
tuning_managereq8.0.0
tuning_managereq8.0.0
tuning_managereq6.0.0
tuning_managereq6.0.0
tuning_managereq8.0.0 3
tuning_managereq7.6.1 5

Name	Operator	Version
jp1\\/performance_management-manager_web_option	eq	7.0.0
jp1\\/performance_management-manager_web_option	eq	7.0.0
jp1\\/performance_management-manager_web_option	eq	7.0.54
jp1\\/performance_management-manager_web_option	eq	7.0.54
tuning_manager	eq	8.0.0
tuning_manager	eq	8.0.0
tuning_manager	eq	6.0.0
tuning_manager	eq	6.0.0
tuning_manager	eq	8.0.0 3
tuning_manager	eq	7.6.1 5

Rows per page:

1-10 of 131

References

secunia.com/advisories/58528

secunia.com/advisories/58899

www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-013/index.html

www.securityfocus.com/bid/68015