3 matches found
CVE-2017-5156
A Cross-Site Request Forgery issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. The client request may be forged from a different site. This will allow an external site to access internal RDP systems on behalf of the currently logged in user...
CVE-2017-5156
A Cross-Site Request Forgery issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. The client request may be forged from a different site. This will allow an external site to access internal RDP systems on behalf of the currently logged in user...
CVE-2017-5156
Schneider Electric Wonderware InTouch Access Anywhere (affected >= 11.5.2) is vulnerable to CVE-2017-5156: Cross-Site Request Forgery that can allow a remote attacker on a different site to access internal RDP systems on behalf of a logged-in user. The vulnerability stems from CSRF in the web-...