Cross site request forgery (csrf)

An issue was discovered in Cassia Access Controller 2.1.1.2303271039. Establishing a web SSH session to gateways is vulnerable to Cross Site Request Forgery CSRF attacks...

CVE-2023-35793

An issue was discovered in Cassia Access Controller 2.1.1.2303271039. Establishing a web SSH session to gateways is vulnerable to Cross Site Request Forgery CSRF attacks...

CVE-2023-35793

Cassia Networks Cassia Access Controller 2.1.1.2303271039 exposes a CSRF vulnerability in the Web SSH session to gateways. Root cause appears related to insufficient authentication of executed requests, enabling CSRF when establishing a web SSH session. Affected component: Web SSH/session establi...