Lucene search
PRIOn knowledge basePRION:CVE-2015-2848HistoryJul 26, 2015 - 6:59 p.m.
Cross site request forgery (csrf)
2015-07-2618:59:00
PRIOn knowledge base
www.prio-n.com
3
Cross-site request forgery (CSRF) vulnerability in Honeywell Tuxedo Touch before 5.2.19.0_VA allows remote attackers to hijack the authentication of arbitrary users for requests associated with home-automation commands, as demonstrated by a door-unlock command.
| CPE | Name | Operator | Version |
|---|---|---|---|
| tuxedo_touch | eq | <= 5.1.13.0-va |
References
Related
cve
cve
CVE-2015-2848
2015-07-26 18:59:01
cvelist
cvelist
CVE-2015-2848
2015-07-26 18:00:00
nvd
nvd
CVE-2015-2848
2015-07-26 18:59:01
cert
cert
Honeywell Tuxedo Touch Controller contains multiple vulnerabilities
2015-07-24 00:00:00