2 matches found
CVE-2014-2358
The CVE-2014-2358 issue affects Fox DataDiode Appliance proxy server’s administrative web interface (all versions up to 1.7.1). It is a CSRF vulnerability that lets remote attackers hijack administrator sessions to perform actions such as creating/removing admin users and changing permissions. Th...
CVE-2014-2358 Fox-IT DataDiode Appliance CSRF
Multiple cross-site request forgery CSRF vulnerabilities in the administrative web interface in the proxy server on Fox-IT Fox DataDiode appliances before 1.7.2 allow remote attackers to hijack the authentication of administrators for requests that 1 create administrative users, 2 remove...