Lucene search
Ubuntu.comUB:CVE-2013-7107HistoryJan 15, 2014 - 12:00 a.m.
CVE-2013-7107
2014-01-1500:00:00
ubuntu.com
ubuntu.com
10
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
60.4%
Cross-site request forgery (CSRF) vulnerability in cmd.cgi in Icinga 1.8.5,
1.9.4, 1.10.2, and earlier allows remote attackers to hijack the
authentication of users for unspecified commands via unspecified vectors,
as demonstrated by bypassing authentication requirements for CVE-2013-7106.
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | fixing this in stable releases will break compatibility with some addons and scripts, ignoring. |
Related
cve
cve
CVE-2013-7106
2014-01-15 16:08:00
CVE-2013-7107
2014-01-15 16:08:00
debiancve
debiancve
CVE-2013-7106
2014-01-15 16:08:00
CVE-2013-7107
2014-01-15 16:08:00
ubuntucve
ubuntucve
CVE-2013-7106
2014-01-15 00:00:00
prion
prion
Stack overflow
2014-01-15 16:08:00
Cross site request forgery (csrf)
2014-01-15 16:08:00
openvas
openvas
Debian Security Advisory DSA 2956-1 (icinga - security update)
2014-06-11 00:00:00
Debian: Security Advisory (DSA-2956-1)
2014-06-10 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2956-1] icinga security update
2014-06-14 00:00:00
debian
debian
[SECURITY] [DSA 2956-1] icinga security update
2014-06-11 14:34:20
nessus
nessus
Debian DSA-2956-1 : icinga - security update
2014-06-12 00:00:00
openSUSE Security Update : icinga (openSUSE-SU-2014:0269-1)
2014-06-13 00:00:00
osv
osv
icinga - security update
2014-06-11 00:00:00
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
60.4%
Related for UB:CVE-2013-7107