Lucene search
PRIOn knowledge basePRION:CVE-2015-2248HistoryMay 01, 2015 - 3:59 p.m.
Cross site request forgery (csrf)
2015-05-0115:59:00
PRIOn knowledge base
www.prio-n.com
2
Cross-site request forgery (CSRF) vulnerability in the user portal in Dell SonicWALL Secure Remote Access (SRA) products with firmware before 7.5.1.0-38sv and 8.x before 8.0.0.1-16sv allows remote attackers to hijack the authentication of users for requests that create bookmarks via a crafted request to cgi-bin/editBookmark.
| CPE | Name | Operator | Version |
|---|---|---|---|
| remote_access_firmware | ge | 8.0.0.0 | |
| remote_access_firmware | lt | 8.0.0.1 | |
| remote_access_firmware | eq | < 7.5.1.0-38sv |
References
packetstormsecurity.com/files/131762/Dell-SonicWALL-Secure-Remote-Access-7.5-8.0-CSRF.html
www.securityfocus.com/bid/73098
www.securitytracker.com/id/1032227
support.software.dell.com/product-notification/151370?productName=SonicWALL%20SRA%20Series
www.exploit-db.com/exploits/36940/
www.scip.ch/en/?vuldb.75111
Related
packetstorm
packetstorm
Dell SonicWALL Secure Remote Access 7.5 / 8.0 CSRF
2015-05-05 00:00:00
nvd
nvd
CVE-2015-2248
2015-05-01 15:59:04
cvelist
cvelist
CVE-2015-2248
2015-05-01 15:00:00
openvas
openvas
Dell SonicWALL Secure Remote Access (SRA) CSRF Vulnerability
2017-02-08 00:00:00
cve
cve
CVE-2015-2248
2015-05-01 15:59:04