Cross site request forgery (csrf)

2020-05-2221:15:00

PRIOn knowledge base

www.prio-n.com

8.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.5%

JSON

An issue was discovered in Aviatrix Controller before 5.4.1204. An API call on the web interface lacked a session token check to control access, leading to CSRF.

CPENameOperatorVersion
controllerlt5.4.1204

CPE	Name	Operator	Version
	controller	lt	5.4.1204

References

docs.aviatrix.com/HowTos/security_bulletin_article.html