Lucene search
MitreCVE-2007-5799HistoryNov 03, 2007 - 12:46 a.m.
CVE-2007-5799
2007-11-0300:46:00
CWE-352
mitre
web.nvd.nist.gov
23
cve
2007
5799
csrf
vulnerabilities
ibm
websphere
application server
uddi
navigatetree
remote attackers
fix pack
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
6.8
Confidence
High
EPSS
0.004
Percentile
74.8%
Multiple cross-site request forgery (CSRF) vulnerabilities in uddigui/navigateTree.do in the UDDI user console in IBM WebSphere Application Server (WAS) before 6.1.0 Fix Pack 13 (6.1.0.13) allow remote attackers to perform some actions as WAS UDDI users via the (1) keyField, (2) nameField, (3) valueField, and (4) frameReturn parameters.
Affected configurations
Node
ibmwebsphere_application_serverRange≤6.1.0.12
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | websphere_application_server | * | cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:* |
Related
prion
prion
Cross site request forgery (csrf)
2007-11-03 00:46:00
cvelist
cvelist
CVE-2007-5799
2007-11-03 00:00:00
nvd
nvd
CVE-2007-5799
2007-11-03 00:46:00
nessus
nessus
IBM WebSphere Application Server navigateTree.do Multiple Vulnerabilities
2007-11-07 00:00:00
IBM WebSphere Application Server 6.1 < 6.1.0.13 Multiple Vulnerabilities
2010-04-05 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
6.8
Confidence
High
EPSS
0.004
Percentile
74.8%
Related for CVE-2007-5799